2007/3/10, Reini Urban <rurban@...>:
> 2007/3/9, Manuel Vacelet <manuel.vacelet@...>:
> > 2007/3/9, Sabri LABBENE <sabri.labbene@...>:
> > > BTW, we also turned off getimagesize() because it make the page loading very
> > > slow. Will there be then any risk related to spam prevention ?
> > In a intranet there is no risk.
> There's still the cockpit error risc. The risc of unaware users, who
> just upload .vbs files as one just did yesterday in my companies'
> super-secure intranet. Thanksfully we had the extension check.
> After renaming the .vbs to .vbs_ he could upload it, and users could
> download it without immediate execution.
I'm not that Microsoft Windows aware but this is a client executable
not a server one isn't it ?
I mean, there are no risks to see this vbs executed on the server
(even a windows one) ?