RM 1.1 Allowing zip files a security risk?

Mr Lucky

Mr Lucky

Well-known member
If I allow members to attach zip files for download, I get the feeling we could lay ourselves open to malware?

Is this correct?

If so is there any kind of safer alternative?

Thanks.
 
Sort by date Sort by votes
The contents of a .zip file could be anything.

Users should always be wary of downloading or opening files they don't trust or can't verify the content of.
 
Upvote 0 Downvote
Yes, that's what I thought. But if somebody did somehow up[load something malicious, e.g. a trusted member who suddenly became nasty, then would I, as forum owner, be responsible?

This kind of implies I/we are safest with a disclaimer on the resource download page.
 
Upvote 0 Downvote
You could always put somthing on the server such as clamav with maldet and have it scan the directories where the files are uploaded.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

Joao Prates
  • Question Question
XF 2.2 2.2.15 - An upgrade was found for a version of XenForo that is newer than the uploaded files
Replies
11
Views
816
Joao Prates
Joao Prates
TimWilson
  • Question Question
XF 2.2 m4a attachment Insert button missing
Replies
8
Views
464
TimWilson
TimWilson
Sanctum Staff
  • Question Question
XF 2.2 Locating a Troublesome Link
Replies
1
Views
231
AndyB
AndyB
MegaPixel
  • Question Question
XF 2.2 Files listed below have contents different
Replies
5
Views
646
digitalpoint
digitalpoint
A
Large Attachment Files from Forum Threads on Server
Replies
10
Views
647
Alfuzzy
A
Top Bottom