Newsgroups: php.internals
Reply-To: ilia@prohost.org
To: "skate"
Date: Thu, 31 Jul 2003 13:07:53 -0400
References: <059101bffadb$28a33670$1400000a@fatcuban> <009801c35782$b551fc80$1400000a@fatcuban>
In-Reply-To: <009801c35782$b551fc80$1400000a@fatcuban>
Organization: Prohost.org
Message-ID: <200307311307.53905.ilia@prohost.org>
Subject: Re: [PHP-DEV] upload compromises
From: ilia@prohost.org (Ilia Alshanetsky)

On July 31, 2003 12:41 pm, skate wrote:
> sorry, unfortunately i haven't got a full solution, just a suggestion. i
> don't know how difficult any of this would be to implement, but i feel that
> it could benefit the community by adding a little extra security.
>
> i do fully understand that it's not gonna be 100% fool proof, or security
> proof. very little is when you have any kind of user input. but every
> little bit does help.

It would not offer any real security. Mime detection is generally based on the
1st few bytes of the file and can be easily fooled. This imperfect system will
result in numerous frivolous reports about certain files bypassing this
'security measure' and so on.
If you want such a protection enable the mime-magic extension or better yet get
a command line virus scanner and use that to filter your attachments.

Ilia
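
The reply's point about detection keyed on the first few bytes, shown as an added example that is not part of the original message or of PHP: a prefix-only sniffer labels a text file as an image once a PNG signature is prepended, while a check that walks the whole file rejects it. The function names, the magic table and both sample files are constructed for illustration, and Python is used so the example runs stand-alone.

```python
import struct
import zlib

# Magic-number table: MIME type keyed by the leading bytes of the file.
MAGIC = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"\xff\xd8\xff": "image/jpeg",
}

def sniff_mime(data: bytes) -> str:
    """Prefix-only detection: nothing past the first few bytes is examined."""
    for magic, mime in MAGIC.items():
        if data.startswith(magic):
            return mime
    return "application/octet-stream"

def png_is_well_formed(data: bytes) -> bool:
    """Walk every chunk: lengths, CRCs, IHDR first, IEND last, no trailing bytes."""
    sig = b"\x89PNG\r\n\x1a\n"
    if not data.startswith(sig):
        return False
    pos, first = len(sig), True
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length          # 4 length + 4 type + body + 4 CRC
        if end > len(data):
            return False
        body = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[end - 4:end])
        if zlib.crc32(ctype + body) != crc or (first and ctype != b"IHDR"):
            return False
        first = False
        if ctype == b"IEND":
            return end == len(data)      # anything after IEND is rejected
        pos = end
    return False

def chunk(ctype: bytes, body: bytes) -> bytes:
    crc = struct.pack(">I", zlib.crc32(ctype + body))
    return struct.pack(">I", len(body)) + ctype + body + crc

# Constructed samples: a minimal 1x1 greyscale PNG, and text behind a PNG signature.
IHDR = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
REAL_PNG = (b"\x89PNG\r\n\x1a\n" + chunk(b"IHDR", IHDR)
            + chunk(b"IDAT", zlib.compress(b"\x00\x00")) + chunk(b"IEND", b""))
DISGUISED = b"\x89PNG\r\n\x1a\n" + b"this is plain text, not image data\n"
```

A structurally valid image can still carry arbitrary bytes inside its chunks, so the stricter check narrows what passes rather than replacing the content scanning the reply recommends.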