added disk ministry
parent
09134eaba4
commit
b2f630e4f9
3 changed files with 24 additions and 0 deletions
|
@ -40,6 +40,8 @@ def sys_hook_entrypoint(event, info):
|
|||
ministry.ofexec.block_exec(event, info)
|
||||
elif event == 'system':
|
||||
ministry.ofexec.block_system(info)
|
||||
elif event == 'open':
|
||||
ministry.ofdisk.detect_disk_access(info)
|
||||
|
||||
|
||||
def enable_ministries(disable_hooks: Iterable = None):
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
from . import ofcommunication # noqa
|
||||
from . import ofexec # noqa
|
||||
from . import ofdisk # noqa
|
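--- a/src/bigbrother/ministry/ofdisk.py
+++ b/src/bigbrother/ministry/ofdisk.py
@@ -0,0 +1,21 @@
+from utils.identifyhome import identify_home
+import logger
+
+
+def detect_disk_access(info):
+if type(info[0]) is int: return
+
+if '/dev/null' == info[0]: return
+
+whitelist = [identify_home(), 'onionr/src/', '/site-packages/', '/usr/lib64/']
+
+
+for item in whitelist:
+if item in info[0]:
+return
+
+if identify_home() not in info[0]:
+if 'proc' in info[0]:
+logger.warn(f'[DISK MINISTRY] {info} - probably built in Onionr stats')
+else:
+logger.warn(f'[DISK MINISTRY] {info}')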
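Review bot: The allowlist loop in `detect_disk_access` matches with `item in info[0]`, so any path that merely contains `/site-packages/`, `onionr/src/` or the home string somewhere in it (for instance ahead of `..` segments or through a symlink) returns before the warning, and `'proc' in info[0]` likewise labels unrelated paths as stats reads. Resolve the path first and anchor the absolute entries as prefixes; the trailing `identify_home() not in info[0]` test is always true once the loop has run and can go. The `open` audit event can also carry a bytes path, in which case the `in` tests would raise TypeError inside the hook and presumably abort the open, so decode with `os.fsdecode` (this needs `import os` at the top of the file). Suggested body below.

```python
def detect_disk_access(info):
    if type(info[0]) is int: return

    # The 'open' audit event may pass bytes; resolve '..' and symlinks before matching
    path = os.path.realpath(os.fsdecode(info[0]))
    if path == '/dev/null': return

    # Trailing separator so a sibling directory sharing the prefix is not trusted
    home = os.path.join(os.path.realpath(identify_home()), '')
    if path.startswith((home, '/usr/lib64/')): return
    # These two are fragments, not roots: still substring matches, now on the resolved path
    if 'onionr/src/' in path or '/site-packages/' in path: return

    if path.startswith('/proc/'):
        logger.warn(f'[DISK MINISTRY] {info} - probably built in Onionr stats')
    else:
        logger.warn(f'[DISK MINISTRY] {info}')
```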