Data Control Rule Doesn't Work on JAR File When Match By Source Code

Issue

Data Control rule doesn't work on .JAR Files when it is configured to match by File Attribute where Content Type is "Source Code".

Troubleshooting

The following Data Control rule was set up to Block the downloading of files with a Content Type identified as "source_code."

dlp.jpg

 

Next, we proceed to download two .jar files:

  1. java-1.0.jar
  2. sample.jar

 

Observation:

The download of java-1.0.jar was completed successful.

successfuldl.jpg

 

However, the download of sample.jar was blocked.

blocksourcecode.jpg

Why is the same rule treating these two .jar files differently?

Solution

The reason is because a .jar file can either be a Zip archive or a specialized Java archive (JAR) file. When identified as a Zip archive, the aforementioned rule, configured to match by File Attribute where Content Type is "Source Code", would therefore result in no match. This explains on why the first file, java-1.0.jar, was not blocked during the download process.

We can use the Filecommand in Linux to find out the content type of the .jar file.

$ file java-1.0.jar

$ file sample.jar

If the intent is to block all JAR file, regardless of the content type, then the solution would be to include the "Archives" Content-Type to the rule too. Note that this would also match all archives files like cab, tar, zip, gzip, etc.

Was this article helpful?

0 out of 0 found this helpful

0 comments

Add your comment