60ee38a3c2
feat(protocol): 添加补丁管理和行为指标协议类型 feat(client): 实现补丁管理插件采集功能 feat(server): 添加补丁管理和异常检测API feat(database): 新增补丁状态和异常检测相关表 feat(web): 添加补丁管理和异常检测前端页面 fix(security): 增强输入验证和防注入保护 refactor(auth): 重构认证检查逻辑 perf(service): 优化Windows服务恢复策略 style: 统一健康评分显示样式 docs: 更新知识库文档
55 lines
2.1 KiB
SQL
55 lines
2.1 KiB
SQL
-- Software whitelist: processes that should NEVER be blocked even if matched by blacklist rules.
|
|
-- This provides a safety net to prevent false positives from killing legitimate applications.
|
|
CREATE TABLE IF NOT EXISTS software_whitelist (
|
|
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
|
name_pattern TEXT NOT NULL,
|
|
reason TEXT,
|
|
is_builtin INTEGER NOT NULL DEFAULT 0, -- 1 = system default, 0 = admin-added
|
|
enabled INTEGER NOT NULL DEFAULT 1,
|
|
created_at TEXT NOT NULL DEFAULT (datetime('now'))
|
|
);
|
|
|
|
-- Built-in whitelist entries for common safe applications
|
|
INSERT INTO software_whitelist (name_pattern, reason, is_builtin) VALUES
|
|
-- Browsers
|
|
('chrome.exe', 'Google Chrome browser', 1),
|
|
('msedge.exe', 'Microsoft Edge browser', 1),
|
|
('firefox.exe', 'Mozilla Firefox browser', 1),
|
|
('iexplore.exe', 'Internet Explorer', 1),
|
|
('opera.exe', 'Opera browser', 1),
|
|
('brave.exe', 'Brave browser', 1),
|
|
('vivaldi.exe', 'Vivaldi browser', 1),
|
|
-- Development tools & IDEs
|
|
('code.exe', 'Visual Studio Code', 1),
|
|
('devenv.exe', 'Visual Studio', 1),
|
|
('idea64.exe', 'IntelliJ IDEA', 1),
|
|
('webstorm64.exe', 'WebStorm', 1),
|
|
('pycharm64.exe', 'PyCharm', 1),
|
|
('goland64.exe', 'GoLand', 1),
|
|
('clion64.exe', 'CLion', 1),
|
|
('rider64.exe', 'Rider', 1),
|
|
('trae.exe', 'Trae IDE', 1),
|
|
('windsurf.exe', 'Windsurf IDE', 1),
|
|
('cursor.exe', 'Cursor IDE', 1),
|
|
-- Office & productivity
|
|
('winword.exe', 'Microsoft Word', 1),
|
|
('excel.exe', 'Microsoft Excel', 1),
|
|
('powerpnt.exe', 'Microsoft PowerPoint', 1),
|
|
('outlook.exe', 'Microsoft Outlook', 1),
|
|
('onenote.exe', 'Microsoft OneNote', 1),
|
|
('teams.exe', 'Microsoft Teams', 1),
|
|
('wps.exe', 'WPS Office', 1),
|
|
-- Terminal & system tools
|
|
('cmd.exe', 'Command Prompt', 1),
|
|
('powershell.exe', 'PowerShell', 1),
|
|
('pwsh.exe', 'PowerShell Core', 1),
|
|
('WindowsTerminal.exe', 'Windows Terminal', 1),
|
|
-- Communication
|
|
('wechat.exe', 'WeChat', 1),
|
|
('dingtalk.exe', 'DingTalk', 1),
|
|
('feishu.exe', 'Feishu/Lark', 1),
|
|
('qq.exe', 'QQ', 1),
|
|
('tim.exe', 'Tencent TIM', 1),
|
|
-- CSM
|
|
('csm-client.exe', 'CSM Client itself', 1);
|