Since you never disclosed which "patch from untrusted source" should integrate ClamAV with Vsftpd only a few common methods remain:
- a cron job, which may make you miss files to scan if they're for example moved right after uploading,
- Dazuko (or equivalent on-access scanning LKM) which may (or more likely: may not) patch cleanly against your current kernel version (and having to compile it for any new kernel),
- on-access scanning triggered by an Inotify event like the closing of a file written to.
|