Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-69522

Allow antivirus scanners to specify the message to the user

    XMLWordPrintable

Details

    • MOODLE_311_STABLE
    • MOODLE_311_STABLE
    • MDL-69522-custom-message-311
    • MDL-69522-custom-message-m
    • Hide

      Pre-requisites:

      Have ClamAV installed and configured on the system, to use in testing:

      • FIrst, install clamav:

        sudo apt-get install clamav clamav-daemon

      • Then, enable clamav via admin > plugins > antivirus plugins > manage antivirus plugins
      • Then click settings for the clamav scanner and enter "/usr/bin/clamscan" in the pathtoclam field adn save.

      Test an unmodified virus scanner

      1) Visit https://www.eicar.org/?page_id=3950 and download the eicar test file.

      2) Visit /user/files.php and attempt the upload the eicar file.

      3) Verify that a message box appears with the message: 'eicar.com has been scanned by a virus checker and found to be infected!'. This confirms the default message is being displayed by scanners that do not implement the optional method, such as ClamAV

       

      Test a virus scanner that implements a custom message

      4) Install an encrypted content scanner for use in testing:

      git clone git@github.com:catalyst/moodle-antivirus_encrypted.git lib/antivirus/encrypted
      

      5) Visit /admin/index.php to perform the upgrade

      6) Visit /admin/settings.php?section=manageantiviruses and enable the encrypted content scanner.

      7) Download the attached doc file. It is a password protected libreoffice doc with the password 'password'.

      8) Go back to /user/files.php and attempt to upload the encrypted doc.

      9) Verify you receive a custom error message specific to this scanner:

      'Test doc enc.odt was unable to be inspected, due to encryption on the file.'

       

       

      Show
      Pre-requisites: Have ClamAV installed and configured on the system, to use in testing: FIrst, install clamav: sudo apt-get install clamav clamav-daemon Then, enable clamav via admin > plugins > antivirus plugins > manage antivirus plugins Then click settings for the clamav scanner and enter "/usr/bin/clamscan" in the pathtoclam field adn save. Test an unmodified virus scanner 1) Visit https://www.eicar.org/?page_id=3950 and download the eicar test file. 2) Visit /user/files.php and attempt the upload the eicar file. 3) Verify that a message box appears with the message: 'eicar.com has been scanned by a virus checker and found to be infected!'. This confirms the default message is being displayed by scanners that do not implement the optional method, such as ClamAV   Test a virus scanner that implements a custom message 4) Install an encrypted content scanner for use in testing: git clone git @github .com:catalyst/moodle-antivirus_encrypted.git lib/antivirus/encrypted 5) Visit /admin/index.php to perform the upgrade 6) Visit /admin/settings.php?section=manageantiviruses and enable the encrypted content scanner. 7) Download the attached doc file. It is a password protected libreoffice doc with the password 'password'. 8) Go back to /user/files.php and attempt to upload the encrypted doc. 9) Verify you receive a custom error message specific to this scanner: 'Test doc enc.odt was unable to be inspected, due to encryption on the file.'    

    Description

      It would be nice if antivirus engines had the ability to specify a custom message that would be displayed to the user upon returning a VIRUS_FOUND signature. This would be useful for plugins that leverage the Antivirus API, but are looking for other signatures, such as encrypted content. Real life example:

      https://github.com/catalyst/moodle-antivirus_encrypted

      Attachments

        1. MDL-69522.jpg
          37 kB
          Anna Carissa Sadia
        2. Test doc enc.odt
          12 kB
          Peter Burnett

        Activity

          People

            peterburnett Peter Burnett
            peterburnett Peter Burnett
            Brendan Heywood Brendan Heywood
            Jake Dallimore Jake Dallimore
            Anna Carissa Sadia Anna Carissa Sadia
            Ruslan Kabalin
            Votes:
            1 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              17/May/21

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h