https://bugzilla.wikimedia.org/show_bug.cgi?id=2089
--- Comment #39 from Chris Steipp <[email protected]> --- The major threats I'm most concerned with are these attachments opening up and xss by causing the browser to think it's html, java applet, swf, etc. So if it correctly unzips to something that validates as an odf, and the binary is checked to make sure sniffing wont think it's html, or another mime type, then we can probably enable this. Bawolff, could you confirm that's what it does? The macro / embedded virus threat is definitely a danger to our users, but we currently do not scan incoming binaries (as Nemo pointed out, we have plenty of pdfs with hostile code already). -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
