immunio 1.1.5 → 1.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/immunio/agent.rb +15 -1
- data/lib/immunio/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 26f001c2c60f9b1529d0b5e98c0352b7171f0efc
|
|
4
|
+
data.tar.gz: b4ce5d424d95435e048057766fbff2f86862c2cc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 63ca57ac77abbd1488c5dd425a91c3faa95c7ae87ccd43798279246f013dac88c957fccc200876cdd8b7077748452819986ddb95ba0a534274808ee89ed9630d
|
|
7
|
+
data.tar.gz: 8fb5fc3f10c09fabe8cbbac5cb288e7563b37fbe6f60c51a3f68801f2a19fdcf592498c71cfda0d0d116ec13dfa5b9a82b4e77e47750c6221b9da00bb812b231
|
data/lib/immunio/agent.rb
CHANGED
|
@@ -7,9 +7,11 @@ require_relative "processor"
|
|
|
7
7
|
module Immunio
|
|
8
8
|
@agent = nil
|
|
9
9
|
|
|
10
|
+
CODE_PROTECTION_PLUGINS = %w(xss file_io redirect sqli shell_command).freeze
|
|
11
|
+
|
|
10
12
|
# Plugins that are enabled by default. Override using the `plugins_enabled`
|
|
11
13
|
# and `plugins_disabled` configuration settings.
|
|
12
|
-
DEFAULT_PLUGINS =
|
|
14
|
+
DEFAULT_PLUGINS = CODE_PROTECTION_PLUGINS.dup.freeze
|
|
13
15
|
|
|
14
16
|
CONFIG_FILENAME = "immunio.yml"
|
|
15
17
|
|
|
@@ -70,6 +72,13 @@ module Immunio
|
|
|
70
72
|
# purposes.
|
|
71
73
|
config_accessor :vm_data
|
|
72
74
|
|
|
75
|
+
# When false (default), this will prevent hooking for code
|
|
76
|
+
# protection (xss, file_io, redirect, sqli and shell_command) and this
|
|
77
|
+
# will prevent them from being enabled individually.
|
|
78
|
+
# When true, plugins can still be disabled. However, if not enabled in
|
|
79
|
+
# the backend, the hook vm code will be missing.
|
|
80
|
+
config_accessor :code_protection_plugins_enabled
|
|
81
|
+
|
|
73
82
|
def initialize
|
|
74
83
|
Immunio.logger.info { "Initializing agent version #{VERSION} for process #{Process.pid}" }
|
|
75
84
|
|
|
@@ -95,6 +104,7 @@ module Immunio
|
|
|
95
104
|
# Default to empty lists for enabled and disabled
|
|
96
105
|
config.plugins_enabled = []
|
|
97
106
|
config.plugins_disabled = []
|
|
107
|
+
config.code_protection_plugins_enabled = false
|
|
98
108
|
config.agent_enabled = true
|
|
99
109
|
config.safe_script_tag_contexts = []
|
|
100
110
|
config.vm_data = {}
|
|
@@ -208,6 +218,10 @@ module Immunio
|
|
|
208
218
|
end
|
|
209
219
|
|
|
210
220
|
def plugin_enabled?(plugin)
|
|
221
|
+
if CODE_PROTECTION_PLUGINS.include?(plugin)
|
|
222
|
+
return false unless config.code_protection_plugins_enabled
|
|
223
|
+
end
|
|
224
|
+
|
|
211
225
|
# Check if the specified `plugin` is enabled based on the Agent config.
|
|
212
226
|
config.plugins_active.member?(plugin)
|
|
213
227
|
end
|
data/lib/immunio/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: immunio
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Immunio
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -465,7 +465,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
465
465
|
version: '0'
|
|
466
466
|
requirements: []
|
|
467
467
|
rubyforge_project:
|
|
468
|
-
rubygems_version: 2.
|
|
468
|
+
rubygems_version: 2.4.5.1
|
|
469
469
|
signing_key:
|
|
470
470
|
specification_version: 4
|
|
471
471
|
summary: Immunio Ruby agent
|