Project

General

Profile

Actions
Copy link

Bug #181

closed

possible security risks in data file upload

Added by Chad Berkley over 23 years ago. Updated about 22 years ago.

Status:
Resolved
Priority:
Immediate
Assignee:
Matt Jones
Category:
metacat
Target version:
Beta2
Start date:
01/24/2001
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
181

Description

The data file upload utility could have security holes in it. Ports may not be
closed when a client does not send all of the data that it says it is going to.
The data file upload utility needs to be thoroughly tested.

Actions
Copy link
 #1

Updated by Dan Higgins almost 23 years ago

This should not be a problem if socket has a reasonable timeout value set -
Dan Higgins

Actions
Copy link
 #2

Updated by Matt Jones almost 23 years ago

Obsoleted because the socket system is no longer used, as it was replaced by
"multipart/form-data" encoded data transferred using vanilla http. See bug 191
for a detailed description. The socket implementation of file upload has been
removed from Metacat.

Actions
Copy link
 #3

Updated by Redmine Admin about 11 years ago

Original Bugzilla ID was 181

Actions
Copy link

Also available in: Atom PDF