[x] Add c.clamav validator to scan for viruses on file upload. Should be a soft dependency. If c.clamav is installed, the validator should be added, else not.
[x] Customize download view to scan for viruses on file download. If a virus is found, redirect to file view with a portal message "Download denied. File contains a virus." Only if c.clamav is installed.
Possible enhancements:
[ ] Limit file size. Only scan files that are less than a configurable size (e.g. 100 MB)
[x] Possibility to deactivate scanning even if c.clamav ist installed.
[ ] Do not load file data into memory (Optimization in c.clamav)
[ ] Ensure that scanning on download can only be run sequentially. It shouldn't be possible to DOS the server by calling download multiple times. Maybe cache the scan status. It should be sufficient to scan the file only once a day.
Use collective.clamav (https://github.com/collective/collective.clamav) This is needed for ogb teamraum and web (ftw.file 1.x) See: https://extranet.4teamwork.ch/betrieb/tracker/926
Possible enhancements: