[Mimedefang] scan known-password protected ZIP files
Pierre Dehaen
pi at drever.be
Tue Aug 30 07:39:42 EDT 2005
Hi,
Is it possible to make the filter accept password protected ZIP files only when
the password is the company's chosen (configured) one and the virus scan
did not report any virus ? The company would then give the password to use
to its customers/suppliers/...
I see in the man page of Archive::Zip that "The Archive::Zip module does not
currently create or extract encrypted members." but I also see in
clamscan/manager.c of clamav that it can scan protected zip files with a
hard-coded password:
char *args[] = { "unzip", "-P", "clam", "-o", NULL, NULL };
Mimedefang talks to clamd, which does not contain such a code, so I don't
know if it is possible to do it in this case.
So the idea could be the following in mimedefang-filter:
if (the zip file does not contain bad extensions) {
if (contains password protected files) {
unzip with an external unzip program and a given, hard-coded, password
if (it works) {
scan the files
} else {
reject
}
}
}
Does this make sense to you ? Thanks for any feedback.
Pierre
More information about the MIMEDefang
mailing list