Date: Tue, 18 Jul 2006 13:55:47 +0100 From: Brian Candler <B.Candler@pobox.com> To: Mikhail Teterin <mi+mx@aldan.algebra.com> Cc: isp@freebsd.org, net@freebsd.org Subject: Re: forcing FTP-uploaded files to be of certain types only Message-ID: <20060718125547.GB26642@uk.tiscali.com> In-Reply-To: <200607171306.01882.mi%2Bmx@aldan.algebra.com> References: <200607171306.01882.mi%2Bmx@aldan.algebra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jul 17, 2006 at 01:06:01PM -0400, Mikhail Teterin wrote: > How hard would it be to make the stock FreeBSD FTP-server to examine the > first, say, 100Kb of the uploaded file and interrupt transfer if the file is > of a prohibited or is not of an allowed type? > > Anything under 100Kb is fine, I guess, and 100Kb is more than enough to detect > compression or lack thereof... I think the first few bytes should be enough to tell you if it's a gzip, pkzip or compress archive: $ gzip -c -9 /etc/services | head -c64 | file - /dev/stdin: gzip compressed data, was "services", from Unix, max compression $ compress -c /etc/services | head -c64 | file - /dev/stdin: compress'd data 16 bits $ zip - /etc/services | head -c64 | file - adding: etc/services /dev/stdin: Zip archive data, at least v2.0 to extract How wedded are you to FTP? If this was a HTTP 'PUT' then a simple CGI could read in 100 bytes, check it is compressed (e.g. with libmagic), then copy through the rest of the file. The result from the PUT can be a HTML page saying "all OK" or "please compress your data first" Regards, Brian.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060718125547.GB26642>