mahara-contributors team mailing list archive

Thread
Date

[Bug 785465] [NEW] Extend the clamav check to ensure sanity of each file type

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: François Marier <francois@xxxxxxxxxx>
Date: Thu, 19 May 2011 23:52:53 -0000
Reply-to: Bug 785465 <785465@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Clamav currently allows Mahara to reject uploads which contain viruses.

We should extend this framework to be able to run sanity checks based on
the mimetype of the uploaded files.

For example, we may want to:

- validate PNG and JPG images and reject invalid ones
- check whether or not Word documents contain macros and reject them
- only allow PDFs without any scripts in them

** Affects: mahara
     Importance: Wishlist
         Status: Triaged


** Tags: security

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/785465

Title:
  Extend the clamav check to ensure sanity of each file type

Status in Mahara ePortfolio:
  Triaged

Bug description:
  Clamav currently allows Mahara to reject uploads which contain
  viruses.

  We should extend this framework to be able to run sanity checks based
  on the mimetype of the uploaded files.

  For example, we may want to:

  - validate PNG and JPG images and reject invalid ones
  - check whether or not Word documents contain macros and reject them
  - only allow PDFs without any scripts in them

Follow ups

[Bug 785465] Re: Extend the clamav check to ensure sanity of each file type
From: François Marier, 2011-11-22
[Bug 785465] [NEW] Extend the clamav check to ensure sanity of each file type
From: François Marier, 2011-05-20

References

[Bug 785465] [NEW] Extend the clamav check to ensure sanity of each file type
From: François Marier, 2011-05-20