Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: security: making sure graphics uploaded by users are safe

by dolmen (Beadle)
on Oct 01, 2009 at 14:38 UTC ( #798664=note: print w/replies, xml ) Need Help??


in reply to security: making sure graphics uploaded by users are safe

  • 3.5. Check the file with an up to date antivirus
  • 3.6. Use Image::ExifTool. Any warning makes the image suspicious and you must reject it
  • Comment on Re: security: making sure graphics uploaded by users are safe

Replies are listed 'Best First'.
Re^2: security: making sure graphics uploaded by users are safe
by boardhead (Novice) on Oct 01, 2009 at 16:29 UTC

    ExifTool is not designed to detect security problems in images, so I don't think that exiftool warnings are very indicative of a problem like this. Instead of rejecting any image with a warning, I would recommend removing all metadata from the image with "exiftool -all=". This should also remove any warnings associated with the metadata. If warnings or errors persist after cleaning an image like this, then it would be reasonable to reject the image.

    - Phil Harvey

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://798664]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others cooling their heels in the Monastery: (3)
As of 2017-07-22 19:00 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    I came, I saw, I ...
























    Results (340 votes). Check out past polls.