Re: Security Concerns with Uploaded Images:

> To summarise: the uploading of an executable masquerading as an image file
> can be protected against via coding at the application level.
>
> > My thought is that it wouldn't be too hard to have some kind of script
> > masquerade as a gif file, and perhaps cause damage.
>
> More worrying and much harder to protect against are zero-day exploits
> against the graphics libraries themselves - libpng, libtiff, gd lib, zlib
> - have all had security problems in the past.
>
> Or, for that matter, load the images in through http://php.net/gd and
>
> And the potential irony is that: in order to protect against executables
> masquerading as image files you trigger a zero-day exploit of gd :)
>
> I would love to hear Chris Shiflett's views on this.

I certainly don't speak for Chris, but I can say that I've read his book "Essential PHP Security" and didn't find mention of any concerns regarding executable code masquerading as an image file.

He does speak about attaching stuff to a url request for an image to make a CSRF (cross site request forgery), but the offending code was not in the image.

However, if this is a real concern, then what about:

1. Uploading the file into a "black hole" as Wolf provided some time back. I think he tackled a similar problem.

2. Resampling the image -- I doubt any code that's been resampled can pose any threat. In fact, there are several things one can do to an image that would alter the internal binary significantly while not adversely affecting the image much. Alter any of my programs by a single character, and they will crater -- of course they seldom need help to do that.

tedd
--
------------------------------------------------------------------------------------
http://sperling.com  http://ancientstones.com  http://earthstones.com
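One way to apply the resampling suggestion above in PHP, as an added example that is not code from the thread or from any of its participants: the upload is type-checked from its header, decoded with the matching GD decoder, copied into a fresh canvas and written out as a new PNG, so only pixel data survives. It assumes PHP with the GD extension; the function name and paths are hypothetical.

```php
<?php
// Added example: re-encode an uploaded image through GD so that only pixel
// data survives; bytes riding along in the original file (comments, trailing
// data, metadata) are dropped. Assumes the GD extension; paths are hypothetical.

function reencodeUploadedImage(string $tmpPath, string $destDir): ?string
{
    // Cheap header check first; reject anything GD is not expected to decode.
    $info = @getimagesize($tmpPath);
    if ($info === false) {
        return null;
    }
    $allowed = [IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG];
    if (!in_array($info[2], $allowed, true)) {
        return null;
    }

    // Decode with the decoder matching the detected type, never the client's
    // file name or Content-Type. The library still parses the file, so this
    // does not remove the risk of a bug in the decoder itself (the "irony"
    // raised in the thread); it only strips payloads that survive decoding.
    switch ($info[2]) {
        case IMAGETYPE_GIF:  $src = @imagecreatefromgif($tmpPath);  break;
        case IMAGETYPE_JPEG: $src = @imagecreatefromjpeg($tmpPath); break;
        default:             $src = @imagecreatefrompng($tmpPath);  break;
    }
    if ($src === false) {
        return null;
    }

    // Copy the pixels into a fresh true-colour canvas (resample 1:1).
    $w = imagesx($src);
    $h = imagesy($src);
    $dst = imagecreatetruecolor($w, $h);
    imagealphablending($dst, false);
    imagesavealpha($dst, true);
    imagecopyresampled($dst, $src, 0, 0, 0, 0, $w, $h, $w, $h);
    imagedestroy($src);

    // Server-chosen name and extension; the uploaded name is never reused.
    $dest = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.png';
    $ok = imagepng($dst, $dest);
    imagedestroy($dst);
    return $ok ? $dest : null;
}
```

The function returns the new path on success and null for anything it would not decode; the caller should treat null as a rejected upload rather than falling back to storing the original file.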

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

