Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-69522

Allow antivirus scanners to specify the message to the user

    XMLWordPrintable

    Details

    • Affected Branches:
      MOODLE_311_STABLE
    • Fixed Branches:
      MOODLE_311_STABLE
    • Pull 3.11 Branch:
      MDL-69522-custom-message-311
    • Pull Master Branch:
      MDL-69522-custom-message-m
    • Testing Instructions:
      Hide

      Pre-requisites:

      Have ClamAV installed and configured on the system, to use in testing:

      • FIrst, install clamav:

        sudo apt-get install clamav clamav-daemon

      • Then, enable clamav via admin > plugins > antivirus plugins > manage antivirus plugins
      • Then click settings for the clamav scanner and enter "/usr/bin/clamscan" in the pathtoclam field adn save.

      Test an unmodified virus scanner

      1) Visit https://www.eicar.org/?page_id=3950 and download the eicar test file.

      2) Visit /user/files.php and attempt the upload the eicar file.

      3) Verify that a message box appears with the message: 'eicar.com has been scanned by a virus checker and found to be infected!'. This confirms the default message is being displayed by scanners that do not implement the optional method, such as ClamAV

       

      Test a virus scanner that implements a custom message

      4) Install an encrypted content scanner for use in testing:

      git clone git@github.com:catalyst/moodle-antivirus_encrypted.git lib/antivirus/encrypted
      

      5) Visit /admin/index.php to perform the upgrade

      6) Visit /admin/settings.php?section=manageantiviruses and enable the encrypted content scanner.

      7) Download the attached doc file. It is a password protected libreoffice doc with the password 'password'.

      8) Go back to /user/files.php and attempt to upload the encrypted doc.

      9) Verify you receive a custom error message specific to this scanner:

      'Test doc enc.odt was unable to be inspected, due to encryption on the file.'

       

       

      Show
      Pre-requisites: Have ClamAV installed and configured on the system, to use in testing: FIrst, install clamav: sudo apt-get install clamav clamav-daemon Then, enable clamav via admin > plugins > antivirus plugins > manage antivirus plugins Then click settings for the clamav scanner and enter "/usr/bin/clamscan" in the pathtoclam field adn save. Test an unmodified virus scanner 1) Visit https://www.eicar.org/?page_id=3950 and download the eicar test file. 2) Visit /user/files.php and attempt the upload the eicar file. 3) Verify that a message box appears with the message: 'eicar.com has been scanned by a virus checker and found to be infected!'. This confirms the default message is being displayed by scanners that do not implement the optional method, such as ClamAV   Test a virus scanner that implements a custom message 4) Install an encrypted content scanner for use in testing: git clone git @github .com:catalyst/moodle-antivirus_encrypted.git lib/antivirus/encrypted 5) Visit /admin/index.php to perform the upgrade 6) Visit /admin/settings.php?section=manageantiviruses and enable the encrypted content scanner. 7) Download the attached doc file. It is a password protected libreoffice doc with the password 'password'. 8) Go back to /user/files.php and attempt to upload the encrypted doc. 9) Verify you receive a custom error message specific to this scanner: 'Test doc enc.odt was unable to be inspected, due to encryption on the file.'    

      Description

      It would be nice if antivirus engines had the ability to specify a custom message that would be displayed to the user upon returning a VIRUS_FOUND signature. This would be useful for plugins that leverage the Antivirus API, but are looking for other signatures, such as encrypted content. Real life example:

      https://github.com/catalyst/moodle-antivirus_encrypted

        Attachments

          Activity

            People

            Assignee:
            peterburnett Peter Burnett
            Reporter:
            peterburnett Peter Burnett
            Peer reviewer:
            Brendan Heywood Brendan Heywood
            Integrator:
            Jake Dallimore Jake Dallimore
            Tester:
            Anna Carissa Sadia Anna Carissa Sadia
            Participants:
            Component watchers:
            Ruslan Kabalin
            Votes:
            1 Vote for this issue
            Watchers:
            7 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              17/May/21

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h