On July 31, 2003 12:41 pm, skate wrote: > sorry, unfortunatly i haven't got a full solution, just a suggestion. i > don't know how difficult any of this would be to implement, but i feel that > it could benefit the community by adding a little extra security. > > i do fully understand that it's not gonna be 100% fool proof, or security > proof. very little is when you have any kind of user input. but every > little bit does help.
It would not offer any real security. Mime detection is generally based on the 1st few bytes of the file and can be easily fooled. This imperfect system will result of numerous frivolous reports about certain files bypassing this 'security measure' and so on. If you want such a protection enable the mime-magic extension or better yet get a command line virus scanner and use that to filter your attachments. Ilia -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
