in reply to
Re: security: making sure graphics uploaded by users are safe
in thread security: making sure graphics uploaded by users are safe
ExifTool is not designed to detect security problems in images, so I don't think that exiftool warnings are very indicative of a problem like this. Instead of rejecting any image with a warning, I would recommend removing all metadata from the image with "exiftool -all=". This should also remove any warnings associated with the metadata. If warnings or errors persist after cleaning an image like this, then it would be reasonable to reject the image.
- Phil Harvey