Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

malware-detection feature: handle different yara versions #3428

Merged
merged 1 commit into from
Jun 2, 2022
Merged

malware-detection feature: handle different yara versions #3428

merged 1 commit into from
Jun 2, 2022

Conversation

mhuth
Copy link
Contributor

@mhuth mhuth commented May 30, 2022
edited
Loading

  • Download versioned signatures file corresponding to installed version of yara
  • Also fixes permission denied bug from fuse mounted filesystems

Signed-off-by: Mark Huth [email protected]

All Pull Requests:

Check all that apply:

  • Have you followed the guidelines in our Contributing document, including the instructions about commit messages?
  • Is this PR to correct an issue?
  • Is this PR an enhancement?

Complete Description of Additions/Changes:

https://issues.redhat.com/browse/YARA-320
Make the malware detection client aware of the version of yara installed on the machine and to select the appropriate signature file for scanning.

Also piggybacks a bug fix whereby os.path.samefile() may raise a permission denied exception when trying to access Fuse filesystem mountpoints, yes even as root!

@mhuth mhuth force-pushed the handle_yara_versions branch 2 times, most recently from 4e36019 to 001cc37 Compare May 31, 2022 02:57
@mhuth
malware-detection feature: handle different yara versions
fa1f08f 
* Download versioned signatures file corresponding to installed version of yara
* Also fixes permission denied bug from fuse mounted filesystems

Signed-off-by: Mark Huth <[email protected]>
@mhuth mhuth force-pushed the handle_yara_versions branch from 001cc37 to fa1f08f Compare May 31, 2022 03:38
@mhuth mhuth changed the title WIP: malware-detection feature: handle different yara versions malware-detection feature: handle different yara versions May 31, 2022
@mhuth mhuth self-assigned this May 31, 2022
@mhuth mhuth requested review from bfahr and dkuc May 31, 2022 03:47
@bfahr bfahr merged commit d96cc10 into master Jun 2, 2022
bfahr pushed a commit that referenced this pull request Jun 2, 2022
@mhuth @bfahr
malware-detection feature: handle different yara versions (#3428)
a845554 
* Download versioned signatures file corresponding to installed version of yara
* Also fixes permission denied bug from fuse mounted filesystems

Signed-off-by: Mark Huth <[email protected]>
(cherry picked from commit d96cc10)
@xiangce xiangce deleted the handle_yara_versions branch May 5, 2023 07:44
xiangce pushed a commit that referenced this pull request Sep 6, 2024
@mhuth
malware-detection feature: handle different yara versions (#3428)
ffdc458 
* Download versioned signatures file corresponding to installed version of yara
* Also fixes permission denied bug from fuse mounted filesystems

Signed-off-by: Mark Huth <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bfahr bfahr bfahr approved these changes

@dkuc dkuc Awaiting requested review from dkuc

Assignees

@mhuth mhuth

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mhuth @bfahr