http://www.perlmonks.org?node_id=798815


in reply to security: making sure graphics uploaded by users are safe

Since it's data it should not be a problem unless there's a bug in the parser.. Of course that happens but unless your site is insanely secure there are probably more pressing problems..

It might be a good idea to run it through ImageMageick or something once since that, if I recall correctly, fixes a problem with stacking code(?) in GiFs.

But if there's a parsing bug in ImageMagick you just made their problem your problem.

Scanning with AV seems kind of useless.. if there's code there wouldn't it be custom?