Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exclude malware-detection rules files in /var/tmp (and other locations) #3665

Merged
merged 0 commits into from
Jan 25, 2023
Merged

Exclude malware-detection rules files in /var/tmp (and other locations) #3665

merged 0 commits into from
Jan 25, 2023

Conversation

mhuth
Copy link
Contributor

@mhuth mhuth commented Jan 25, 2023

Signed-off-by: Mark Huth [email protected]

All Pull Requests:

Check all that apply:

  • Have you followed the guidelines in our Contributing document, including the instructions about commit messages?
  • Is this PR to correct an issue?
  • Is this PR an enhancement?

Customers who have /tmp linked to /var/tmp will get false positives from the downloaded rules file in /var/tmp because we only check for the rules file in /tmp. /facepalm ... D'oh ... crikey ... sheesh ... good lord .... Anyway, this PR makes sure we check /tmp, /var/tmp, /usr/tmp and tempfile.gettempdir() for the downloaded rules file so we can ignore it in all those locations.

@mhuth mhuth requested review from xiangce, ahitacat and bfahr January 25, 2023 06:47
@mhuth
Copy link
Contributor Author

mhuth commented Jan 25, 2023

Customer confirmed that this patch fixed the problem for them, so it would be good to get this out as soon as we can.

ahitacat
ahitacat approved these changes Jan 25, 2023
View reviewed changes
Copy link
Contributor

@ahitacat ahitacat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mhuth
Copy link
Contributor Author

mhuth commented Jan 25, 2023

Thanks @ahitacat, how do I get this merged as neither of us have permissions to merge it :/

@bfahr bfahr merged commit 08f423b into master Jan 25, 2023
bfahr pushed a commit that referenced this pull request Jan 25, 2023
@mhuth @bfahr
Exclude malware-detection rules files in /var/tmp (and other location…
b04665f 
…s) (#3665)

Signed-off-by: Mark Huth <[email protected]>

Signed-off-by: Mark Huth <[email protected]>
(cherry picked from commit 08f423b)
@mhuth mhuth deleted the malware_exclude_var_tmp branch January 26, 2023 01:11
xiangce pushed a commit that referenced this pull request Sep 6, 2024
@mhuth
Exclude malware-detection rules files in /var/tmp (and other location…
078ba67 
…s) (#3665)

Signed-off-by: Mark Huth <[email protected]>

Signed-off-by: Mark Huth <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahitacat ahitacat ahitacat approved these changes

@bfahr bfahr bfahr approved these changes

@xiangce xiangce Awaiting requested review from xiangce

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mhuth @bfahr @ahitacat