Quote:
Originally posted by Renaxgade
So are you saying you cannot? If they upload exe.gif, it would work as a gif and not an executable right?
|
What I was saying is that you can't assume it's
what it says it is. That is, to be MORE safe (there's
always a way around if you're evil, or curious,or
bored) the ftp-daemon would have to run e.g. file against a
file once it's uploaded to determine what it REALLY
is, and delete it if it's something that you don't want.
I don't think that something like
PathAllowFilter
(Config statement for Proftpd) will do anything
but checking the file-name which isn't good enough
if the kids aren't completely dumb trolls.
I'm not quite sure what your concern is, though.
Do you not want the kids to "trade" certain things,
or are you afraid they might compromise your machine?
Cheers,
Tink