EarthSystemCoG / COG

COG source code
BSD 3-Clause "New" or "Revised" License

Validate content of uploaded files #1319

Closed LucaCinquini closed 7 years ago

LucaCinquini commented 7 years ago

Who: NOAA security scan

Currently, when a file is uploaded through the CoG interface, not much validation is performed on the actual content of the file.

LucaCinquini commented 7 years ago

Now we are using python-magic to inspect the file content for its mime type. The file extension must be one of the approved types (the file MUST have an extension), and its mime type must be approved for that specific extension.

murphysj commented 7 years ago

Will that be sufficient? Image files in particular can contain all sorts of bad juju.

Sylvia Murphy NESII/CIRES/NOAA Earth System Research Laboratory 325 Broadway, Boulder CO 80305 Time Zone: U.S. Mountain Web: http://www.esrl.noaa.gov/nesii/ Email: sylvia.murphy@noaa.gov Phone: 303-497-7753

LucaCinquini commented 7 years ago

The idea is to prevent files from being executed on the server... If the image itself is bad, we can always track down who uploaded it. I don't think we can inspect the image per se...

murphysj commented 7 years ago

This code writes the file to a temporary location. Is there any risk in that if the goal is to prevent the file from being run on the server?

murphysj commented 7 years ago

Tested a file w/o an extension, a PDF file with a .ppt extension, and a file with a .garb extension.

All produced an error.
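How the two rules described in Luca's comment above (the extension must be on an approved list, and the sniffed MIME type must be approved for that extension) fit together, and what the three files Sylvia tested (no extension, PDF content with a .ppt extension, a .garb extension) run into. This is an added example, not CoG's code: the allowlist `ALLOWED`, the exception `UploadRejected`, the `check` helper and the toy `sniff_mime` sniffer are all assumptions. `sniff_mime` only stands in for python-magic's `magic.from_buffer(data, mime=True)`, which the project comment says it uses, so the demo runs offline.

```python
"""Upload validation: extension allowlist plus content sniffing.

Added example, not CoG's code. ALLOWED is an assumed allowlist mapping a
lowercase extension to the MIME types accepted for it. sniff_mime is a toy
magic-byte sniffer standing in for python-magic's
magic.from_buffer(data, mime=True); pass that as `sniff` in a real deployment.
"""
import os

ALLOWED = {
    ".png": {"image/png"},
    ".jpg": {"image/jpeg"},
    ".jpeg": {"image/jpeg"},
    ".gif": {"image/gif"},
    ".pdf": {"application/pdf"},
    ".txt": {"text/plain"},
    ".ppt": {"application/vnd.ms-powerpoint"},
}

# Leading-byte signatures the toy sniffer recognises. Real libmagic knows far
# more and looks deeper than the first bytes; this is only enough to run the
# cases below offline. (No OLE2/.ppt signature here, so a real .ppt would be
# rejected by this toy sniffer; python-magic handles that.)
_SIGNATURES = (
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
    (b"%PDF-", "application/pdf"),
)
_TEXT_BYTES = set(range(0x20, 0x7F)) | {0x09, 0x0A, 0x0D}


def sniff_mime(data: bytes) -> str:
    """Return a MIME type for `data` based on its content, never its name."""
    for magic_bytes, mime in _SIGNATURES:
        if data.startswith(magic_bytes):
            return mime
    if data and all(b in _TEXT_BYTES for b in data[:8192]):
        return "text/plain"
    return "application/octet-stream"


class UploadRejected(ValueError):
    """Raised when an upload fails the extension or content check."""


def validate_upload(filename: str, data: bytes, sniff=sniff_mime) -> str:
    """Apply both rules: approved extension, and content approved for it.

    Returns the sniffed MIME type on success, raises UploadRejected otherwise.
    """
    # basename() first so a name like "a.pdf/evil" cannot smuggle an extension.
    ext = os.path.splitext(os.path.basename(filename))[1].lower()
    if not ext:
        raise UploadRejected("file must have an extension")
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext!r} is not an approved type")
    mime = sniff(data)
    if mime not in ALLOWED[ext]:
        raise UploadRejected(f"content is {mime!r}, not approved for {ext!r}")
    return mime


def check(filename: str, data: bytes) -> tuple:
    """Demo helper: ('ok', mime) on success, ('rejected', reason) otherwise."""
    try:
        return ("ok", validate_upload(filename, data))
    except UploadRejected as exc:
        return ("rejected", str(exc))


# Constructed sample content (not real uploads): a minimal PDF header and a
# PNG signature followed by filler bytes.
PDF_BYTES = b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n1 0 obj\n<< >>\nendobj\n"
PNG_BYTES = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    # The three cases from the comment above, plus one that passes and one
    # disguised file.
    for name, blob in [
        ("report", PDF_BYTES),       # no extension
        ("slides.ppt", PDF_BYTES),   # PDF content, .ppt extension
        ("notes.garb", PDF_BYTES),   # unknown extension
        ("logo.png", PNG_BYTES),     # PNG content, .png extension
        ("logo.png", PDF_BYTES),     # PDF content disguised as PNG
    ]:
        print(name, check(name, blob))
```

Because `magic.from_buffer` works on bytes already in memory, the sniffing step itself needs no temporary file; the signature check only looks at the leading bytes, so an upload can be read a bounded prefix at a time before anything is written to disk.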