Create admin_block_exe.py #459
Conversation
FEATURE/ Bot message listener to prevent users from sending executable or zipped files in message attachments.
|
I think that this should be handled manually on a per-instance basis. Otherwise, this would be blocking all useful files for the slight possibility of malware (which has never even occurred, as far as I remember). |
Xarlos89
left a comment
Xarlos89
left a comment
There was a problem hiding this comment.
Simple, effective, and a great security feature.
I'd only add more permanent logging in the mod channel, and then it's great.
| async def on_message(self, message): | ||
| for attachment in message.attachments: | ||
| print(f"content type: {attachment.content_type}") | ||
| if attachment.content_type in [ |
There was a problem hiding this comment.
Nice. Love the idea of blocking lots of different file types, As most of these are not really necessary.
| ), | ||
| delete_after=10, | ||
| ) | ||
| logger.info( |
There was a problem hiding this comment.
So, it's good that we log this on the server, but perhaps we should have a more permanent log in the moderation logs to let us know what user, and what file was being uploaded. I'm not sure it would be necessary to actually log the file itself, but if it's a link, that would be useful to know about false positives / positive positives.
There was a problem hiding this comment.
TODO: Add permanent logging here in Mod Logs
As it's configurable, I'd say it's a useful feature. We would almost never allow a random .exe, or ZIP file to be present. We should log the file being removed, and see what false positives come up. |
FEATURE/ Bot message listener to prevent users from sending executable or zipped files in message attachments.