immunio 1.1.5 → 1.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/immunio/agent.rb +15 -1
- data/lib/immunio/version.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 26f001c2c60f9b1529d0b5e98c0352b7171f0efc
|
|
4
|
+
data.tar.gz: b4ce5d424d95435e048057766fbff2f86862c2cc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 63ca57ac77abbd1488c5dd425a91c3faa95c7ae87ccd43798279246f013dac88c957fccc200876cdd8b7077748452819986ddb95ba0a534274808ee89ed9630d
|
|
7
|
+
data.tar.gz: 8fb5fc3f10c09fabe8cbbac5cb288e7563b37fbe6f60c51a3f68801f2a19fdcf592498c71cfda0d0d116ec13dfa5b9a82b4e77e47750c6221b9da00bb812b231
|
data/lib/immunio/agent.rb
CHANGED
|
@@ -7,9 +7,11 @@ require_relative "processor"
|
|
|
7
7
|
module Immunio
|
|
8
8
|
@agent = nil
|
|
9
9
|
|
|
10
|
+
CODE_PROTECTION_PLUGINS = %w(xss file_io redirect sqli shell_command).freeze
|
|
11
|
+
|
|
10
12
|
# Plugins that are enabled by default. Override using the `plugins_enabled`
|
|
11
13
|
# and `plugins_disabled` configuration settings.
|
|
12
|
-
DEFAULT_PLUGINS =
|
|
14
|
+
DEFAULT_PLUGINS = CODE_PROTECTION_PLUGINS.dup.freeze
|
|
13
15
|
|
|
14
16
|
CONFIG_FILENAME = "immunio.yml"
|
|
15
17
|
|
|
@@ -70,6 +72,13 @@ module Immunio
|
|
|
70
72
|
# purposes.
|
|
71
73
|
config_accessor :vm_data
|
|
72
74
|
|
|
75
|
+
# When false (default), this will prevent hooking for code
|
|
76
|
+
# protection (xss, file_io, redirect, sqli and shell_command) and this
|
|
77
|
+
# will prevent them from being enabled individually.
|
|
78
|
+
# When true, plugins can still be disabled. However, if not enabled in
|
|
79
|
+
# the backend, the hook vm code will be missing.
|
|
80
|
+
config_accessor :code_protection_plugins_enabled
|
|
81
|
+
|
|
73
82
|
def initialize
|
|
74
83
|
Immunio.logger.info { "Initializing agent version #{VERSION} for process #{Process.pid}" }
|
|
75
84
|
|
|
@@ -95,6 +104,7 @@ module Immunio
|
|
|
95
104
|
# Default to empty lists for enabled and disabled
|
|
96
105
|
config.plugins_enabled = []
|
|
97
106
|
config.plugins_disabled = []
|
|
107
|
+
config.code_protection_plugins_enabled = false
|
|
98
108
|
config.agent_enabled = true
|
|
99
109
|
config.safe_script_tag_contexts = []
|
|
100
110
|
config.vm_data = {}
|
|
@@ -208,6 +218,10 @@ module Immunio
|
|
|
208
218
|
end
|
|
209
219
|
|
|
210
220
|
def plugin_enabled?(plugin)
|
|
221
|
+
if CODE_PROTECTION_PLUGINS.include?(plugin)
|
|
222
|
+
return false unless config.code_protection_plugins_enabled
|
|
223
|
+
end
|
|
224
|
+
|
|
211
225
|
# Check if the specified `plugin` is enabled based on the Agent config.
|
|
212
226
|
config.plugins_active.member?(plugin)
|
|
213
227
|
end
|
data/lib/immunio/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: immunio
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Immunio
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2017-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|
|
@@ -465,7 +465,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
465
465
|
version: '0'
|
|
466
466
|
requirements: []
|
|
467
467
|
rubyforge_project:
|
|
468
|
-
rubygems_version: 2.
|
|
468
|
+
rubygems_version: 2.4.5.1
|
|
469
469
|
signing_key:
|
|
470
470
|
specification_version: 4
|
|
471
471
|
summary: Immunio Ruby agent
|