[pmg-devel] [PATCH pmg-api] fix duplicate 'x-ms-dos-executable' in default 'Dangerous Content' object

all lists on lists.proxmox.com
 help / color / mirror / Atom feed

From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api] fix duplicate 'x-ms-dos-executable' in default 'Dangerous Content' object
Date: Mon,  7 Mar 2022 11:07:33 +0100	[thread overview]
Message-ID: <20220307100733.2092889-1-d.csapak@proxmox.com> (raw)

it was in there twice. Fixes also the testdb.txt test
(there it can be seen that there is still an entry with the same filter)

Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
 src/PMG/DBTools.pm   |  2 --
 src/tests/testdb.txt | 57 ++++++++++++++++++++++----------------------
 2 files changed, 28 insertions(+), 31 deletions(-)

diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index d53711f..bd35d2c 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -674,8 +674,6 @@ sub init_ruledb {
     $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::ContentTypeFilter->new('application/x-executable');
     $ruledb->group_add_object($exe_content, $obj);
-    $obj = PMG::RuleDB::ContentTypeFilter->new('application/x-ms-dos-executable');
-    $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::ContentTypeFilter->new('message/partial');
     $ruledb->group_add_object($exe_content, $obj);
     $obj = PMG::RuleDB::MatchFilename->new('.*\.(vbs|pif|lnk|shs|shb)');
diff --git a/src/tests/testdb.txt b/src/tests/testdb.txt
index dc08df8..794aa15 100644
--- a/src/tests/testdb.txt
+++ b/src/tests/testdb.txt
@@ -2,35 +2,34 @@ Found RULE 4: Blacklist
   FOUND FROM GROUP 1: Blacklist
     OBJECT 1: nomail@fromthisdomain.com
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
 Found RULE 2: Block Viruses
   FOUND WHAT GROUP 8: Virus
-    OBJECT 22: active
+    OBJECT 21: active
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
 Found RULE 3: Virus Alert
   FOUND WHAT GROUP 8: Virus
-    OBJECT 22: active
+    OBJECT 21: active
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
   FOUND ACTION GROUP 20: Notify Sender
-    OBJECT 34: notify __SENDER__
+    OBJECT 33: notify __SENDER__
 Found RULE 1: Block Dangerous Files
   FOUND WHAT GROUP 7: Dangerous Content
     OBJECT 16: content-type=application/javascript
     OBJECT 17: content-type=application/x-executable
     OBJECT 15: content-type=application/x-java
     OBJECT 14: content-type=application/x-ms-dos-executable
-    OBJECT 18: content-type=application/x-ms-dos-executable
-    OBJECT 19: content-type=message/partial
-    OBJECT 20: filename=.*\.(vbs|pif|lnk|shs|shb)
-    OBJECT 21: filename=.*\.\{.+\}
+    OBJECT 18: content-type=message/partial
+    OBJECT 19: filename=.*\.(vbs|pif|lnk|shs|shb)
+    OBJECT 20: filename=.*\.\{.+\}
   FOUND ACTION GROUP 14: Remove attachments
-    OBJECT 28: remove matching attachments
+    OBJECT 27: remove matching attachments
 Found RULE 12: Quarantine Office Files
   FOUND WHAT GROUP 6: Office Files
     OBJECT 9: content-type=application/msword
@@ -41,46 +40,46 @@ Found RULE 12: Quarantine Office Files
     OBJECT 12: content-type=application/vnd\.stardivision\..*
     OBJECT 13: content-type=application/vnd\.sun\.xml\..*
   FOUND ACTION GROUP 22: Attachment Quarantine (remove matching)
-    OBJECT 36: remove matching attachments
+    OBJECT 35: remove matching attachments
 Found RULE 11: Block Multimedia Files
   FOUND WHAT GROUP 5: Multimedia
     OBJECT 5: content-type=audio/.*
     OBJECT 6: content-type=video/.*
   FOUND ACTION GROUP 14: Remove attachments
-    OBJECT 28: remove matching attachments
+    OBJECT 27: remove matching attachments
 Found RULE 5: Whitelist
   FOUND FROM GROUP 2: Whitelist
     OBJECT 2: mail@fromthisdomain.com
   FOUND ACTION GROUP 16: Accept
-    OBJECT 30: accept message
+    OBJECT 29: accept message
 Found RULE 8: Block Spam (Level 10)
   FOUND WHAT GROUP 11: Spam (Level 10)
-    OBJECT 25: Level 10
+    OBJECT 24: Level 10
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
 Found RULE 7: Quarantine/Mark Spam (Level 5)
   FOUND WHAT GROUP 10: Spam (Level 5)
-    OBJECT 24: Level 5
+    OBJECT 23: Level 5
   FOUND ACTION GROUP 13: Modify Spam Subject
-    OBJECT 27: modify field: subject:SPAM: __SUBJECT__
+    OBJECT 26: modify field: subject:SPAM: __SUBJECT__
   FOUND ACTION GROUP 18: Quarantine
-    OBJECT 32: Move to quarantine.
+    OBJECT 31: Move to quarantine.
 Found RULE 6: Mark Spam
   FOUND WHAT GROUP 11: Spam (Level 10)
-    OBJECT 25: Level 10
+    OBJECT 24: Level 10
   FOUND ACTION GROUP 12: Modify Spam Level
-    OBJECT 26: modify field: X-SPAM-LEVEL:__SPAM_INFO__
+    OBJECT 25: modify field: X-SPAM-LEVEL:__SPAM_INFO__
   FOUND ACTION GROUP 13: Modify Spam Subject
-    OBJECT 27: modify field: subject:SPAM: __SUBJECT__
+    OBJECT 26: modify field: subject:SPAM: __SUBJECT__
 Found RULE 9: Block outgoing Spam
   FOUND WHAT GROUP 9: Spam (Level 3)
-    OBJECT 23: Level 3
+    OBJECT 22: Level 3
   FOUND ACTION GROUP 17: Block
-    OBJECT 31: block message
+    OBJECT 30: block message
   FOUND ACTION GROUP 19: Notify Admin
-    OBJECT 33: notify __ADMIN__
+    OBJECT 32: notify __ADMIN__
   FOUND ACTION GROUP 20: Notify Sender
-    OBJECT 34: notify __SENDER__
+    OBJECT 33: notify __SENDER__
 Found RULE 10: Add Disclaimer
   FOUND ACTION GROUP 21: Disclaimer
-    OBJECT 35: disclaimer
+    OBJECT 34: disclaimer
-- 
2.30.2

next             reply	other threads:[~2022-03-07 10:08 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-03-07 10:07 Dominik Csapak [this message]
2022-03-07 17:09 ` [pmg-devel] applied: " Stoiko Ivanov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220307100733.2092889-1-d.csapak@proxmox.com \
    --to=d.csapak@proxmox.com \
    --cc=pmg-devel@lists.proxmox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.

Service provided by Proxmox Server Solutions GmbH | Privacy | Legal