Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Re: security: making sure graphics uploaded by users are safe

by dolmen (Sexton)
on Oct 01, 2009 at 14:38 UTC ( #798664=note: print w/ replies, xml ) Need Help??


in reply to security: making sure graphics uploaded by users are safe

  • 3.5. Check the file with an up to date antivirus
  • 3.6. Use Image::ExifTool. Any warning makes the image suspicious and you must reject it


Comment on Re: security: making sure graphics uploaded by users are safe
Re^2: security: making sure graphics uploaded by users are safe
by boardhead (Novice) on Oct 01, 2009 at 16:29 UTC

    ExifTool is not designed to detect security problems in images, so I don't think that exiftool warnings are very indicative of a problem like this. Instead of rejecting any image with a warning, I would recommend removing all metadata from the image with "exiftool -all=". This should also remove any warnings associated with the metadata. If warnings or errors persist after cleaning an image like this, then it would be reasonable to reject the image.

    - Phil Harvey

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://798664]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others meditating upon the Monastery: (7)
As of 2014-10-21 03:07 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (95 votes), past polls