From e964f0ba03798f4626e0c5552c0c390aabd3bbd5 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Thu, 9 Jul 2015 14:42:54 +0200 Subject: Add some comments --- whitelist.yara | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/whitelist.yara b/whitelist.yara index 58e237d..ce7bafb 100644 --- a/whitelist.yara +++ b/whitelist.yara @@ -1,4 +1,9 @@ -private rule Wordpress +/* + Careful; those rules are pretty heavy on computation, + since the sha1sum my be recomputed for every since test; + please make sure that you're calling them after every other ones. +*/ +private rule Wordpress : Blog { condition: /* Wordpress 3.5.1 */ @@ -11,7 +16,7 @@ private rule Wordpress hash.sha1(0, filesize) == "232e4705e3aa28269c4d5e4a4a700bb7a2d06f24" // wp-admin/includes/menu.php } -private rule Prestashop +private rule Prestashop : ECommerce { condition: /* Prestashop 1.6.1.0 */ @@ -20,7 +25,7 @@ private rule Prestashop hash.sha1(0, filesize) == "15da986fccdc7104f9d4e8c344f332db5ae9a32b" // classes/Tools.php } -private rule Magento +private rule Magento : ECommerce { condition: /* Magento 1.7.0.2 */ @@ -36,7 +41,7 @@ private rule Magento hash.sha1(0, filesize) == "44ba7a5b685f4a52113559f366aaf6e9a22ae21e" // app/code/core/Mage/Adminhtml/Model/Url.php } -private rule Drupal +private rule Drupal : Blog { condition: hash.sha1(0, filesize) == "23cc0e2c6eebe94fe189e258a3658b40b0005891" or // modules/simpletest/tests/upgrade/drupal-6.bare.database.php -- cgit v1.3
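Review bot: The header comment added in the first hunk has typos that blur its warning: `the sha1sum my be recomputed for every since test` should read `the sha1sum may be recomputed for every single test`, and `after every other ones` would be clearer as `after all other conditions`. It should also say what "calling them after" means in practice, e.g. `reference these rules last in the calling rule's condition, so cheaper string checks run first`. Whether that ordering actually skips the hash depends on the YARA version's short-circuit evaluation, which this patch does not show. Because a hash match here suppresses detection for the file, the comment is also a good place to state that every digest must be taken from a pristine upstream release archive and never from a deployed site. The `: Blog` and `: ECommerce` tags added in this hunk and the three later ones sit on `private` rules, which YARA does not report, so they probably act only as documentation; `Blog` is also a loose fit for Drupal. The rule bodies continue outside the hunks.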