search

Rundiz / upload

PHP file upload class for single or multiple files with many validations.
http://rundiz.com/web-resources/php-upload-v2
MIT License
26 stars 9 forks source link

ClamAv - windows PrivateTmp #8

Closed xkpx64 closed 3 years ago

xkpx64 commented 3 years ago

I'am trying to implement your new additions to this project [clamav], but i dont find anywhere this PrivateTmp option, I tried to disable upload_tmp_dir in php.ini but the result is the same (failed to scan). : i use default clamd.conf tried to change [TemporaryDirectory "C:\Xampp\tmp"] but result is the same. Capture

ve3 commented 3 years ago

Please follow the instruction in test-clamav.php View the source code here ( https://github.com/Rundiz/upload/blob/version2/tests/via-http/test-clamav.php )

// ClamAV maybe unable to scan files, folders in /tmp folder. Please follow these instruction to fix it. // https://stackoverflow.com/questions/47625768/php-file-upload-scanning-using-clamav-permissions-on-tmp // look in /lib/systemd/system for apache2.service, httpd.service, etc... and change PrivateTmp=false // also run this command usermod -a -G apache clamscan. // https://clamav-users.clamav.narkive.com/Bul2w2Wf/clamav-failed-to-scan-files-in-tmp-folder

I'm not sure is this can help but I tried to make it work on CentOS, the Apache service config need to change private temp setting. I have no idea where is it on Windows or maybe it is needed to set temp folder permission to writable by everyone.

xkpx64 commented 3 years ago

I check with clean 40mb file and shows in tmp directory and ClamAv scan it and its okey. But when i test with 1kb file Virus.txt it don't show in tmp directory for some reason i suspect it is too small or function move_upload_files tries to move it too fast. Idk yet but trying to fix it somehow. I have set all kinda permissions to tmp-folder, also set clamd.conf to TemporaryDirectory "C:\Xampp\tmp" FollowDirectorySymlinks yes FollowFileSymlinks yes

ve3 commented 3 years ago

That virus.txt contain something that virus scan can detected (Kaspersky can detected) and it is possible that the uploaded file will be removed by the antivirus before ClamAV if you have 2 of them.

The uploaded files, once done it will be moved to your target location but once failed it will be deleted.

I think this problem is go too far than my upload class since I already have callback function to make any external scanner work and it is ClamAV+something else problem (maybe permission or Apache or ClamAV itself). I would recommended to ask for other expert on Stackoverflow.com because there are a lot of person can help. And if the answer pointed that it is from somewhere of my upload class, I'll be happy to fix that for you.