Issue 529 in arctos: do a better job of sterilizing uploads


arc...@googlecode.com

Feb 15, 2012, 5:39:39 PM
to arct...@googlegroups.com
Status: Accepted
Owner: dust...@gmail.com
Labels: Type-Defect Security Priority-Critical

New issue 529 by dust...@gmail.com: do a better job of sterilizing uploads
http://code.google.com/p/arctos/issues/detail?id=529

Discuss what we'll accept as Media, go through the bulkloaders, etc.

arc...@googlecode.com

Feb 22, 2012, 12:52:06 PM
to arct...@googlegroups.com
Updates:
Status: Fixed

Comment #1 on issue 529 by dust...@gmail.com: do a better job of
sterilizing uploads
http://code.google.com/p/arctos/issues/detail?id=529

Uploads in Arctos summary:

1) specimen bulkloader accepts CSV, and uses it to create Oracle sqlldr
control files
2) other stuff bulkloaders - same as above, but only read into memory and
written to tables
3) reports - .cfr only
4) Media uploads go to Application.sandbox (700) as 600-permissions files,
then moved out with more access only after passing confirmation.

Public users can't upload anything, anywhere.
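
The quarantine-then-promote flow from item 4, as an added Python sketch that is not part of the original comment or of Arctos's code. The directory arguments, function names, and the extension/magic-byte allowlist standing in for the "confirmation" step are all assumptions.

```python
import os
import shutil

# Assumed allowlist: extension -> leading magic bytes (hypothetical, not Arctos's list).
ALLOWED = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff", ".pdf": b"%PDF-"}

def quarantine(sandbox, data):
    """Write upload bytes into a 0700 sandbox as a 0600 file with a server-chosen name."""
    os.makedirs(sandbox, mode=0o700, exist_ok=True)
    os.chmod(sandbox, 0o700)  # enforce the mode even if the directory already existed
    path = os.path.join(sandbox, os.urandom(16).hex())  # never reuse the client's filename
    # O_EXCL refuses to follow or overwrite anything already at that path.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return path

def confirm(path, claimed_name):
    """Return the allowed extension if the file content matches it, else None."""
    ext = os.path.splitext(claimed_name)[1].lower()
    magic = ALLOWED.get(ext)
    if magic is None:
        return None
    with open(path, "rb") as fh:
        head = fh.read(len(magic))
    return ext if head == magic else None

def promote(path, media_dir, ext):
    """Move a confirmed file out of the sandbox and only then widen access to 0644."""
    os.makedirs(media_dir, mode=0o755, exist_ok=True)
    dest = os.path.join(media_dir, os.path.basename(path) + ext)
    shutil.move(path, dest)
    os.chmod(dest, 0o644)
    return dest

def handle_upload(sandbox, media_dir, claimed_name, data):
    """Quarantine, confirm, then promote; rejected files are deleted in place."""
    path = quarantine(sandbox, data)
    ext = confirm(path, claimed_name)
    if ext is None:
        os.remove(path)
        return None
    return promote(path, media_dir, ext)
```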
