class ThreatScanner
Runs a virus/malware check against the given path, using ClamAV.
Sample usage:
# Call with a file object: ThreatScanner.new(@unknown_tempfile).check! # ...or with a path: ThreatScanner.new('path/to/README').check!
Attributes
path[R]
Public Class Methods
installed?()
click to toggle source
# File lib/ndr_support/threat_scanner.rb, line 22 def self.installed? system('which clamdscan > /dev/null 2>&1') end
new(path)
click to toggle source
# File lib/ndr_support/threat_scanner.rb, line 28 def initialize(path) @path = path.respond_to?(:path) ? path.path : path end
Public Instance Methods
check()
click to toggle source
Returns true if the given file is deemed safe, and false if it could not be checked. Raises if a threat is detected, or the file did not exist.
# File lib/ndr_support/threat_scanner.rb, line 34 def check check! rescue MissingScannerError, ScannerOperationError false end
check!()
click to toggle source
Returns true if the given file is deemed safe, and raises an exception otherwise (if the file is unsafe / does not exist / scanner broke etc).
# File lib/ndr_support/threat_scanner.rb, line 42 def check! check_existence! && check_installed! && run_scanner! end
Private Instance Methods
check_existence!()
click to toggle source
# File lib/ndr_support/threat_scanner.rb, line 48 def check_existence! File.exist?(@path) || raise(MissingFileError, "#{@path} does not exist!") end
check_installed!()
click to toggle source
# File lib/ndr_support/threat_scanner.rb, line 52 def check_installed! self.class.installed? || raise(MissingScannerError, 'no scanner is available') end
run_scanner!()
click to toggle source
# File lib/ndr_support/threat_scanner.rb, line 56 def run_scanner! `clamdscan --fdpass --quiet #{Shellwords.escape(@path)}` case $CHILD_STATUS.exitstatus when 0 then true when 1 then raise(ThreatDetectedError, "possible virus detected at #{@path}!") else raise(ScannerOperationError, 'the scan was unable to complete') end end