Come for the quick hacks, stay for the epiphanies. | |
PerlMonks |
Re: security: making sure graphics uploaded by users are safeby gizzlon (Initiate) |
on Oct 02, 2009 at 10:41 UTC ( [id://798815]=note: print w/replies, xml ) | Need Help?? |
Since it's data it should not be a problem unless there's a bug in the parser.. Of course that happens but unless your site is insanely secure there are probably more pressing problems.. It might be a good idea to run it through ImageMageick or something once since that, if I recall correctly, fixes a problem with stacking code(?) in GiFs. But if there's a parsing bug in ImageMagick you just made their problem your problem. Scanning with AV seems kind of useless.. if there's code there wouldn't it be custom?
In Section
Seekers of Perl Wisdom
|
|