Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security compliance)

cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Member II

Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security compliance)

Jump to solution

Hi,

I have made changes as per below screenshot to put restriction in alfresco for various file uploads (mst, msp, ops, config, cpf etc).

But, i am not able to restrict the upload of .bat file using same change. Please suggest how to proceed with it. 

Thanks. 

 

### Added for restricated mimetype on 27/12/2019 ###
CONTAINS = *batch*
CONTAINS = *adp*,*asp*,*asa*,*ashx*,*asmx*,*bas*,*cdx*,*cer*,*chm*,*class*,*cmd*,*cnt*,*com*,*config*,*cpl*,*crt*,*csh*,*der*,*dll*,*exe*,*fxp*,*gadget*,*grp*,*hlp*
CONTAINS = *hpj*,*hta*,*htr*,*htw*,*ida*,*idc*,*idq*,*ins*,*isp*,*its*,*jse*,*json*,*ksh*,*lnk*,*mad*,*maf*,*mag*,*mam*,*maq*,*mar*,*mas*,*mat*,*mau*,*mav*,*maw*
CONTAINS = *mcf*,*mda*,*mdb*,*mde*,*mdt*,*mdw*,*mdz*,*msc*,*msh*,*msh1*,*msh1xml*,*msh2*,*msh2xml*,*mshxml*,*msi*,*ms-one-stub*,*msp*,*mst*,*ops*,*pcd*,*pif*,*pl*,*prf*,*prg*,*printer*,*ps1*,*ps1xml*,*ps2*,*ps2xml*,*psc1*
CONTAINS = *psc2*,*pst*,*reg*,*rem*,*scf*,*scr*,*sct*,*shb*,*shs*,*shtm*,*shtml*,*soap*,*stm*,*svc*,*url*,*vb*,*vbe*,*vbs*,*vsix*,*ws*,*wsc*,*wsf*,*wsh*,*xamlx*,*xml*
EXACTLY ONE = application/octet-stream
### ENDS WITH xml = *bat ###
mimetypes.restricated.expression = video*bat file.JPG

1 Solution

Accepted Solutions
Highlighted
Community Manager
Community Manager

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Hi,

I notice that you have "bas" rather than "bat"?

CONTAINS = *batch*
CONTAINS = *adp*,*asp*,*asa*,*ashx*,*asmx*,*bas*,*

Could that be an issue?

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!

View solution in original post

8 Replies
Highlighted
Community Manager
Community Manager

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Hi,

I notice that you have "bas" rather than "bat"?

CONTAINS = *batch*
CONTAINS = *adp*,*asp*,*asa*,*ashx*,*asmx*,*bas*,*

Could that be an issue?

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!

View solution in original post

Highlighted
Alfresco Employee

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

I guess you are using this addon:

https://github.com/keensoft/alfresco-mimetype-blocker

The right word to specify that is "ENDS" instead of "ENDS WITH"

https://github.com/keensoft/alfresco-mimetype-blocker/blob/master/mimetype-blocker-repo/src/main/jav...

Try setting

 

ENDS=*bat

 

Software Engineer in Alfresco Search Team.
Highlighted
Established Member II

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

@angelborroy  

My requirement is to restrict .exe files from uploading.

I only wanted to restrict .exe files so what property i need to add in alfresco-global.properties:

As the property i  have mentioned below will be sufficient or still i need some modification.

ENDS=*exe

 

Highlighted
Community Manager
Community Manager

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Hi @akash251998,

Try:

CONTAINS = *exe*

 HTH,

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
Highlighted
Established Member II

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Thanks for your response .

I have done the changes in global property but how to apply it for the folder level how to do that

By using default Alfresco Share folder action Manage AspectsMime Type Restrictable aspect can be applied to desired folders.

 

Thanks in Advance

Highlighted
Established Member II

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Dear @EddieMay thanku for your respons.

I have updated my global property as:

### Added for restricated mimetype ###
CONTAINS = *exe*

 

And after applying Mime Type Restrictable (mtb:mimetypeRestrictable) on the folder using manage aspect now any file is not getting uploaded on that folder . And an error is coming 

Failure: Failed to execute transaction-level behaviour public abstract void org.alfresco.repo.content.ContentServicePolicies$OnContentPropertyUpdatePolicy.onContentPropertyUpdate(org.alfresco.service.cmr.repository.NodeRef,org.alfresco.service.namespace.QName,org.alfresco.service.cmr.repository.ContentData,org.alfresco.service.cmr.repository.ContentData) in transaction 98bfb918-4e10-4a01-b1e1-95da8c24b805)
Highlighted
Community Manager
Community Manager

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Hi @akash251998,

Just to be clear, you are using this add-on => https://github.com/keensoft/alfresco-mimetype-blocker? If so, look at the format of the alfresco-global.properties file. Also, can you tell us what version of ACS you are using? Note that this add-on is quite old.

HTH 

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!
Highlighted
Established Member II

Re: Restriction to applied in Alfresco so that .bat file is not getting uploaded (Security complianc

Jump to solution

Yes i am using that addon only.

I am using Alfresco community version 5.2 .

As my requirement is to restrict .exe files from uploading due to security purpose.

My global properties is as below:

### Added for restricated mimetype ###
CONTAINS = *exe*

As i am not getting how to make the changes in global properties to achieve my target.