> it is in no way security problem. Please, prove me > wrong :) Maybe you're right, I actually didn't look that intensive on your code (I only saw "exec" and become afraid...). Nevertheless, it's easy to limit the maximum upload filesize. But what happens if I enter an URL that points to a 1GB png? I can also enter any URL I want - not only images. Your machine would request it. So anyone could use your machine to start attacks against others without leaving traces on the attacked machine. However, that's maybe another problem - you should never let the user enter an URL that your machine requests. I don't know if this was your intention, but I'm sure that some others would do that. Anyway, this discussion does not belong here ;)
> About the why one thing is supported by the sfImageMagick adapter and > not by the GD one - this did not stop from implementing toString() for > the GD adapter and not for the ImageMagick, right? Ok, ok. You convinced me. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en -~----------~----~----~----~------~----~------~--~---
