update file `restricted-upload.data` · Issue #2644 · coreruleset/coreruleset · GitHub

update file restricted-upload.data #2644

Closed
Tracked by #2621
fzipi opened this issue Jun 18, 2022 · 8 comments · Fixed by #3282

@fzipi
Member
fzipi commented Jun 18, 2022

There is no information on where this list comes from. We need to get some sources and update the list.

@github-actions
Contributor

This issue has been open 120 days with no activity. Remove the stale label or comment, or this will be closed in 14 days

github-actions bot added the ⌛ Stale issue label Oct 17, 2022
dune73 removed the ⌛ Stale issue label Oct 17, 2022
theseion self-assigned this Mar 6, 2023

@theseion
Contributor
theseion commented Jun 6, 2023

I'll take this one. It's assigned to me already anyway and it's close to the other list I've already worked on.

@theseion
Contributor

restricted-uploads.data is clearly a subset of restricted-files.data. Looking at the though, I don't think we actually need the distinction. My proposal: simply use restricted-files.data for rule 932180 as well. What do you think @dune73, @theMiddleBlue?

@dune73
Member
dune73 commented Jul 3, 2023

I agree. But the former has the naked files while the restricted-files variant often brings the filenames with a path prefix. Both lists are used with pmFromFile. So would you rather use the naked version or the enriched one?

@theseion
Contributor
theseion commented Jul 9, 2023

Those entries that have paths in restricted-files.data make a lot of sense for reducing FPs. I looked at all of them while I was working on that list and I don't see a reason why restricted-uploads.data should be less restrictive. Uploading such a file to a directory where it doesn't do anything is not an exploit, IMO.
To answer your question: yes, I would go with the stricter (enriched) version.

@dune73
Member
dune73 commented Aug 7, 2023

Do you have a time frame for this fix? It's one of the last ones of the word list updates, as you know ...

@theseion
Contributor
theseion commented Aug 7, 2023

ASAP, I was only waiting for feedback :)

@dune73
Member
dune73 commented Aug 7, 2023

Oh, sorry. I thought the road was clear. I second your reasoning above. I looked through the lists earlier and came to the same conclusion.
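
The trade-off discussed in this thread (bare file names versus path-prefixed entries, both matched with pmFromFile) can be seen in a small model. This is an added example, not part of the issue or of CRS code: the matcher is a simplified stand-in for pmFromFile (case-insensitive substring match, `#` comments skipped), and the list entries and upload names are constructed, not taken from the real data files.

```python
# Simplified model of @pmFromFile: a value matches if any phrase from the
# list occurs in it as a case-insensitive substring. Blank lines and lines
# starting with '#' are ignored.

def load_phrases(text):
    """Parse list text into lowercase phrases, one per non-comment line."""
    phrases = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            phrases.append(line.lower())
    return phrases

def pm_match(phrases, value):
    """Return every phrase that occurs in value (case-insensitive)."""
    v = value.lower()
    return [p for p in phrases if p in v]

# Constructed sample lists (assumption: NOT the contents of the CRS files).
NAKED = """
# bare file names
.htaccess
config
id_rsa
"""
ENRICHED = """
# path prefix added where the bare name is too generic
.htaccess
.aws/config
.ssh/id_rsa
"""

# Constructed upload file names, as a rule inspecting uploads might see them.
UPLOAD_NAMES = [
    ".htaccess",
    "project-config.pdf",
    "home/user/.aws/config",
    "notes_id_rsa_rotation.txt",
    "backup/.ssh/id_rsa",
]

def compare(names=UPLOAD_NAMES):
    """Map each name to (matches naked list, matches enriched list)."""
    naked, enriched = load_phrases(NAKED), load_phrases(ENRICHED)
    return {n: (bool(pm_match(naked, n)), bool(pm_match(enriched, n)))
            for n in names}

if __name__ == "__main__":
    for name, (n, e) in compare().items():
        print(f"{name:28} naked={n!s:5} enriched={e}")
```

Names that differ between the two columns are the ones a reviewer would look at when merging lists: they are blocked by the bare entries only because a generic word appears somewhere in the file name.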
