Jump to content
clonetrooper9494

Safe file upload...

Recommended Posts

I am trying to allow people to upload files so they can transport in it between computers, but the problem is that people can upload viruses and destroy my site... now, what I am wondering, is would I be able to covert the file in to binary, before the file is saved to the sever? from what I've read, it get's stored in a temp spot when you upload it, then you just move it to where ever to save it permanently. Would there be a way to just get the data of the files, binary-ize it, then save it manually?

Share this post


Link to post
Share on other sites

This involves things far below PHP - like computer architecture, file formats, operating systems... Essentially, every piece of data already is binary, so how do you want to change the data? You need to know how your operating system formats an executable file, and I think that depends on the architecture (hardware, mostly).So what operating system does your server use? That's the beginning of your answer.EDIT: BTW, I don't think a web browser can execute a file on a server. It can request a file, but it's up to the server whether the file will be executed, sent back to the browser as-is, or simply restricted so web users can't do anything to it.

Share this post


Link to post
Share on other sites

Why don't you pass the files through your server's anti-virus software?

Share this post


Link to post
Share on other sites

There are plenty of article available on security. Here is one: http://www.php.net/manual/en/security.variables.phpHere are some real danger spots:deleting/renaming files and directoriespasswordsSQL queriesAny data that gets fed into something like that needs to be checked, usually through some sort of regex.If you let a user upload a file, play it safe and store it in a directory that is blocked through an .htaccess file. Even if the file is a script or executable that could delete your hard drive, if the user can't call it, it can't be run. So it just sits there.If you want double-plus security, rename the file with a timestamp and create a database that matches original filenames to the new names. Change the filename back at download time.You certainly want to prohibit uploads above a certain size and also keep tabs on the amount of data being stored in your directory. Even with a max filesize, in a few minutes, an evil user could max out your account and bandwidth just by uploading the same file again and again. 100K adds up to 10G faster than you think.

Share this post


Link to post
Share on other sites

I think you can also change or add an extension to the file like myfile.exe.addandremove when the user need it take off everything after the last dot.But if their is any virus it might save your server the but the user that download it but it can be an add on to that other poster said.

Share this post


Link to post
Share on other sites

If the server is running on Linux, I don't believe it will care about the extension. But then I don't understand why a server would execute an EXE just because the user requested it...

Share this post


Link to post
Share on other sites

Linux server's can't execute EXEs in any case :)But there are certain system files (at least on Windows) that are automatically executed anyway, and if you replace / infect those files the virus can run. So you have to be careful where the user is allowed to upload to.

Share this post


Link to post
Share on other sites
Linux server's can't execute EXEs in any case :)
A Linux executable may be named EXE or not; that's my point: that an executable file is known by its content rather than its filename on Linux. Calling it an EXE is just a way of "translating" the lingo from *nix to Windows. (Linux actually can indirectly execute Windows EXEs via Wine, and I have that set as the default on my laptop, but that has nothing to do with what I was thinking about.)
But there are certain system files (at least on Windows) that are automatically executed anyway, and if you replace / infect those files the virus can run. So you have to be careful where the user is allowed to upload to.
OK, yes: if the server itself assumes that a certain file is legit and automatically executes it, then an upload to that file would be a serious security hole. So the upload script should guard against moving up the directory tree (../), but I think actually changing the data is unnecessary.

Share this post


Link to post
Share on other sites

You can also store the file data in a database, and then the files won't be on disk at all. It will be a little slower, but you won't have any questionable files on disk. Useful if you want someone to be able to upload a PHP file without the possibility of them executing it.

Share this post


Link to post
Share on other sites

Basically, you can only download stuff that you uploaded using that account. So I don't care if it has a virus or not, just so as my sever is fine.But some quick questions... They may have nothing to do with PHP, but I still would like to know them.1. From what I understand, PHP Upload saves the file in a temporary spot that you then move the file to the final destination. Would it be able to activate there?2. Is there a way where I can use PHP to get the data of the file, without saving it to my sever?(that way I could store it in an SQL BD.)3. If you can't activate .exe by going to http://mywesite.com/this_is_virus.exe, then isn't there no danger at all?(other than somebody uploading php to activate the virus)

Share this post


Link to post
Share on other sites
1. From what I understand, PHP Upload saves the file in a temporary spot that you then move the file to the final destination. Would it be able to activate there?
Depends where you move it to and what permissions it has.
2. Is there a way where I can use PHP to get the data of the file, without saving it to my sever?(that way I could store it in an SQL BD.)
You have to save it in order to receive the upload. You can read the data from the temp file without moving it, and the temp file will get deleted automatically.
3. If you can't activate .exe by going to http://mywesite.com/this_is_virus.exe, then isn't there no danger at all?
Pretty much, if it's in a web-accessible path then it's a possible security risk.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...