HTTP Anti-Virus Proxy

Official HAVP Support Forum
Registration disabled, I'm tired of spambots. E-mail havp@hege.li if you have questions.
HAVP project is pretty much frozen/abandoned at this time anyway.


All times are UTC + 2 hours [ DST ]




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: 16 Mar 2009 13:49 
Offline

Joined: 16 Mar 2009 13:15
Posts: 3
Hi and thx for havp.

I'm running Linux, Ubuntu 8.04, and I think that the following could apply to my kernel:

http://www.mjmwired.net/kernel/Document ... ocking.txt :

Mandatory File Locking For The Linux Operating System
2
3 Andy Walker <andy[AT]lysaker.kvaerner[DOT]no>
4
5 15 April 1996
6 (Updated September 2007)
7
8 0. Why you should avoid mandatory locking
9 -----------------------------------------
10
11 The Linux implementation is prey to a number of difficult-to-fix race
12 conditions which in practice make it not dependable:
13
14 - The write system call checks for a mandatory lock only once
15 at its start. It is therefore possible for a lock request to
16 be granted after this check but before the data is modified.
17 A process may then see file data change even while a mandatory
18 lock was held.
19 - Similarly, an exclusive lock may be granted on a file after
20 the kernel has decided to proceed with a read, but before the
21 read has actually completed, and the reading process may see
22 the file data in a state which should not have been visible
23 to it.
24 - Similar races make the claimed mutual exclusion between lock
25 and mmap similarly unreliable.

Now I have only one disk partition on my proxy server running havp with clamav and squid, so I'd like to know why I should use mandatory lock for havp. If I don't use it what will be the consequences?

Best regards,

Andrea Ferraris


Top
 Profile  
 
PostPosted: 17 Mar 2009 14:02 
Offline

Joined: 16 Mar 2009 13:15
Posts: 3
Maybe is only the INSTALL doc that is not up to date? I noticed that the installation created such device: /var/lib/havp/havp.loop on /var/spool/havp type ext3 (rw,mand,loop=/dev/loop0)
and I found there some dir that seems temporary.

Is it right? I don't have to care about mounting with mandatory lock my root file system?

Regards


Top
 Profile  
 
PostPosted: 17 Mar 2009 15:29 
Offline
HAVP Developer

Joined: 27 Feb 2006 18:12
Posts: 687
Location: Finland
HAVP installation does not create anything. You are using distribution package, which may do it's own things.

Without locking, files cannot be scanned as they are received. If your scansize is 5MB for example, server needs to wait until it's fully received, scan it and then only start sending to client. It's not mandatory if you don't mind some delays for large files.


Top
 Profile  
 
PostPosted: 17 Mar 2009 16:47 
Offline

Joined: 16 Mar 2009 13:15
Posts: 3
thx


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 2 hours [ DST ]


Who is online

Users browsing this forum: Google [Bot] and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group