From: Bharat M. <bh...@me...> - 2009-02-22 00:53:02
|
Just to get some closure on this, I've been implementing movie support in G3 recently and I've taken the approach of allowing users to upload FLV files. This means that you transcode it on the desktop and upload the transcoded version. This should be more reliable on a wider range of systems since desktops are not a shared resource. In a perfect world we'd have an uploader plugin (Flash or Java, or perhaps something else) that transcodes and uploads at the same time so that we parallelize the bandwidth and cpu consumption. A quick search didn't turn up anything that does this, but it'd be a great solution. Andy Staudacher wrote: > On Fri, Jan 23, 2009 at 9:28 PM, Bob Friesenhahn > <bfr...@si... <mailto:bfr...@si...>> wrote: > > On Fri, 23 Jan 2009, Jake Conner wrote: > > > Only if the site owner doesn't trust the uploaders, right? On many > > (probably the majority of) Gallery installs, the owner is the only > > uploader. There are a number that allow open uploads or open > > registrations amounting to the same thing, but I'd bet they're a small > > minority. So maybe it should be an option, with the proper warnings. > > Andy Staudacher is certainly right to worry about security issues from > trojan files. Besides shared uploads, the images could come from a > newsfeed (porn, pictures of kittens, etc.) and may intentionally > contain something bad. > > > Well, that's really a separate topic. if you let just anyone upload > images to your site, you'll have to deal with the consequences. e.g. by > responding quickly to law violations. > > > Older ImageMagick and GraphicsMagick provided > a path to execute scripting via trojan files, and it may be possible > to collect private information from well known files on the machine > (e.g. passwords or account numbers) and display it as a publically > viewable gallery image. It is even possible to obtain an image from > another machine or directory using a file://, http:// or ftp:// URL. > I have heard of an apparent file transfer being triggered by a bogus > file. These are just things I have noticed in software I maintain and > certainly other popular software has its own exploits. Always > consider files suspect until proven otherwise. This can be > challenging since it is easy to construct files which appear to be > several different file formats. > > > All true. What an application like G3 can do is remind admins to keep > dependencies like IM, GM and PHP up to date. But it's not practical to > be too defensive and have G3 compensate for possible security issues in > these dependencies. We can and must trust GM, IM and GD that they don't > allow crazy things to happen when they're fed with malicious files. > > So security wise, I'd really want to run all uploaded files through some > (hopefully lossless) image processing before the file is ever served. > > - Andy > > Bob > ====================================== > Bob Friesenhahn > bfr...@si... <mailto:bfr...@si...>, > http://www.simplesystems.org/users/bfriesen/ > GraphicsMagick Maintainer, http://www.GraphicsMagick.org/ > > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > __[ g a l l e r y - d e v e l ]_________________________ > > [ list info/archive --> http://gallery.sf.net/lists.php ] > [ gallery info/FAQ/download --> http://gallery.sf.net ] > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > > > ------------------------------------------------------------------------ > > __[ g a l l e r y - d e v e l ]_________________________ > > [ list info/archive --> http://gallery.sf.net/lists.php ] > [ gallery info/FAQ/download --> http://gallery.sf.net ] |