On 04/02/14 11:00, Sebastian Krebs wrote:
2014-02-04 Maciek Sokolewicz <maciek.sokolewicz@xxxxxxxxx>:
On 4-2-2014 6:38, Ron Piggott wrote:
I am wondering what (or how) to protect from viruses when processing IMAP
file attachments. I am using PHP 5.5.7 and Arch Linux.
Ron Piggott
www.TheVerseOfTheDay.info
That depends on what you want to do with the attachments. How do you
process them? Simple text files for example are unable to contain virusses
and are thus harmless.
Thats wrong. For example HTML is a simple text-file too, but still can
contain javascript-code and whatever flaws it may have.
The only times you really need to check for virusses is if you expect your
attachment to be executed at some point.
If all you do is show "hey, there was an attachment of x.y kb included",
then there's no need to even bother checking for virusses. At least, not
until you run any service/program which might in turn attempt to execute
the file (for some odd reason).
Regarding the initial question: Download the attachment and call a common
anti-virus tool with the (temporary) downloaded file as parameter.
+1 for Sebastian's method - I use it often on uploaded files too. Save
the content
in a quarantine location, then make a call to clamscan or something
similar...
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
