[Mimedefang] Alternative zip blocking code

Chris Masters rotis23 at yahoo.com
Mon Mar 8 14:46:32 EST 2004


Thanks for your comments Paul.

All good points. 

--- Paul Murphy <pmurphy at ionixpharma.com> wrote:
> Chris,
> 
> Some observations:
> 
> 1.  You don't check the size of Zip members before
> uncompressing them, which can
> lead to denial of service attacks. 

I've added more size checking!!

> 
> 2.  There are many nesting methods for zip files,

I'm going to add support for other types in the next
version and try and make the functions general to all
archive types/nesting methods.

> 
> 3.  In general, nested ZIP files are a waste of
> time, 

The nesting functionality is mainly to stop users
zipping up attachments to get them through and to
block/quarantine password-protected viruses etc etc.

> 
> 4.  Decompressing to /tmp may not be the best idea,

Inflating to /tmp was just for test
purposes. I think we're going to use a purpose-created
dir in /var as /var/spool/MIMEDefang is on a ramdisk.
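
The checks discussed in points 1 to 3 (declared member size before inflating, a nesting limit, and flagging password-protected members), as an added sketch that is not code from this thread or from MIMEDefang. It is written in Python rather than as a Perl filter, works on a zip held in memory, and the limits and function names are assumptions chosen for illustration.

```python
import io
import zipfile
import zlib

# Assumed limits for illustration; tune to what the mail host can afford.
MAX_MEMBER_BYTES = 10 * 1024 * 1024
MAX_TOTAL_BYTES = 50 * 1024 * 1024
MAX_DEPTH = 2

def scan_zip(data, depth=0, budget=None):
    """Return (reason, member) findings for one zip held in memory."""
    budget = [MAX_TOTAL_BYTES] if budget is None else budget
    if depth > MAX_DEPTH:
        return [("nested-too-deep", "")]
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("unreadable-zip", "")]
    findings = []
    for info in zf.infolist():
        if info.flag_bits & 0x1:  # general-purpose bit 0: member is encrypted
            findings.append(("encrypted", info.filename))
            continue
        # Check the declared size before inflating a single byte.
        if info.file_size > min(MAX_MEMBER_BYTES, budget[0]):
            findings.append(("too-large", info.filename))
            continue
        try:
            with zf.open(info) as fh:
                body = fh.read(MAX_MEMBER_BYTES + 1)  # bounded read as a backstop
        except (zipfile.BadZipFile, NotImplementedError, zlib.error):
            findings.append(("unreadable-member", info.filename))
            continue
        budget[0] -= len(body)  # one shared budget across all nesting levels
        if zipfile.is_zipfile(io.BytesIO(body)):
            findings += [(r, info.filename + "/" + m if m else info.filename)
                         for r, m in scan_zip(body, depth + 1, budget)]
    return findings

def make_zip(name, payload):
    """Build a constructed sample zip in memory (test input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()
```

Any non-empty result is a reason to quarantine the attachment rather than pass it on for further unpacking.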




