: Action Request System discussion list(ARSList)
[mailto:arslist@ARSLIST.ORG] On Behalf Of pascale.sterr...@daimler.com
Sent: Thursday, August 23, 2012 9:57 PM
To: arslist@ARSLIST.ORG
Subject: security risk with attachment - Any ideas?
HI all,
I am hoping that someone else on the list had to face
What kind of files do you attach?
A simple check would be to see the extension and block some of them. For
instance to not allow .exe.
Anyway, In one of our customers' system, users do upload files with virus.
This is done intentionally and part of security incidents.
An finally, the solution
HI all,
I am hoping that someone else on the list had to face this growing
security concern and found a way to do this.
This is the concern that came back from a security audit:
Attachment are not being scanned at the server level and the application
can only rely on the fact that the user
with attachment - Any ideas?
HI all,
I am hoping that someone else on the list had to face this growing
security concern and found a way to do this.
This is the concern that came back from a security audit:
Attachment are not being scanned at the server level and the application
can only rely on the fact
with attachment - Any ideas?
HI all,
I am hoping that someone else on the list had to face this growing
security concern and found a way to do this.
This is the concern that came back from a security audit:
Attachment are not being scanned at the server level and the application
can only rely
is a virus due
to the encryption / compression?
OK - so that was two questions, sorry.
- Original Message -
From: Frederick W Grooms frederick.w.gro...@xo.com
To: arslist@ARSLIST.ORG
Sent: Thursday, August 23, 2012 2:07:19 PM
Subject: Re: security risk with attachment - Any ideas?
Someone
11:07 AM
Please respond to
arslist@ARSLIST.ORG
To
arslist@ARSLIST.ORG
cc
Subject
Re: security risk with attachment - Any ideas?
Someone told me once if you are using the Mid-Tier client then as a file
is uploaded for an attachment it is temporarily saved on the Mid-Tier
server as a file
Hi,
There is a Filter-Run-Process-Command to save attachments to the server.
Why not save any new/updated attachment to some folder. Maybe you can add
the {request-id}-[form-id}-{field-id} as a name prefix for reference. Then
you can just run any script to analyze the attached file without
8 matches
Mail list logo