网站通过文档上传暴露的安全漏洞有哪些?

I am new to the document storage space. I am not sure what i am doing yet, but before i begin i wanted to know about the possible security threats one has when one allows document uploads and what is the best way to sanitize the data? I am using PHP and will allow images, word docs, pdfs, excel docs, etc.

And is this a good solution:

http://blog.insicdesigns.com/2009/01/secure-file-upload-in-php-web-applications/

There are two really obvious ones:

  • If improperly done, a file uploader could allow the user to overwrite other people's files -- including the PHP that runs the site. Make sure permissions are set so that the web server's account has read-only access to any directory but where stuff should be written, and that nothing in that directory can be executed.
  • Users can upload (big) enough files to fill the site's disk quota. Even if they can't, they can try -- and the server might not refuse the upload til after the whole file's been sent anyway, chewing up precious resources and possibly still filling the drive (if only for the time it takes to refuse the request and delete the temp file).

And that's just the risks to the server. Files can contain malware that can affect other users. You'll probably want to find a scanner for that stuff.

I'll suggest that if you want to let people upload files, you find a pre-written script that a lot of other people use and recommend. Rolling your own is bound to cause you problems when someone does something that you never considered.

There are a vast amount vulnerabilities, when allowing a user to upload files. Potential, blocking unwanted file formats, can help limit the possibilities of someone being able to upload a shell, and root your server. Affecting the integrity, confidentiality and availability of information on your servers.

There also vulns within you forms control as well such as XSS (cross-site scripting) exploits...allowing a user to run malicious code. This could lead to malicious code being executed in users environments.

There also the possibilities, for vulnerabilities within your actual database as well i.e. SQL injections.

Just don't let the server execute executable files...

Risk from users uploading large files, utilising vital disk space and bandwidth.

Useful link for securing PHP upload scripts: http://www.webcheatsheet.com/PHP/file_upload.php

There are several threats you should be aware of:

  • Malware like virus, worms, trojan horses and so on, especially if the uploaded files are accessible by other users.
  • Files that can be executed on your system like php-files. If a user can upload a php-file to your webroot, he can execute arbitrary commands using something like passthru(cmd) or system(cmd).
  • Illegal content. You don't want anything illegal on your server that could get you into trouble.
  • Someone could upload HTML-files with javascript, using them for XSS attacks
  • ...

Just to name some of them. You should take a look at the OWASP Website concerning Unrestricted File Upload. You should find anything you need there.