Line 18: | Line 18: | ||
# The suggested filename for the download. | # The suggested filename for the download. | ||
Using this metadata, the user-agent performs a local lookups against a blocklist, | Using this metadata, the user-agent performs a local lookups against a blocklist. In Chrome, this happens in DownloadProtectionService::CheckDownloadUrl [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/download_protection_service.cc&rcl=1392695364&l=813]. If no match is found, the user-agent checks whether the binary is supported. In Chrome, the entry point is in DownloadProtectionService::CheckClientDownloadRequest [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/download_protection_service.cc&l=271]. If the download is supported, it checks an allowlist. In Chrome, these checks happen in CheckClientDownloadRequest::CheckWhitelists [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/download_protection_service.cc&l=488]. If the binary is signed, then the code signing information is checked against the allowlist. In Chrome, these checks begin inside CheckWhitelists [https://code.google.com/p/chromium/codesearch#chromium/src/chrome/browser/safe_browsing/download_protection_service.cc&rcl=1392695364&l=584]. | ||
If any blocklist matches are found, the user-agent must not save the file to disk. If any allowlist matches are found, the user-agent may treat the binary as trusted and skip the remote lookup. If no matches are found and the binary was unsigned or signature extraction completed successfully (on Windows only), the user-agent may send a remote lookup to the application reputation service. | |||
== Metadata extraction == | == Metadata extraction == |
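Review bot: In the expanded "Using this metadata" paragraph, only the CheckDownloadUrl link and the last CheckWhitelists link are pinned with rcl=1392695364. The CheckClientDownloadRequest (&l=271) and CheckClientDownloadRequest::CheckWhitelists (&l=488) links carry a line number but no revision, so they will point at unrelated lines once download_protection_service.cc changes. Suggest pinning all four links to the same rcl value. The paragraph also still reads "performs a local lookups"; make it "performs a local lookup".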