Project

General

Profile

Bug #181

possible security risks in data file upload

Added by Chad Berkley about 19 years ago. Updated almost 18 years ago.

Status:
Resolved
Priority:
Immediate
Assignee:
Category:
metacat
Target version:
Start date:
01/24/2001
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:
181

Description

The data file upload utility could have security holes in it. Ports may not be
closed when a client does not send all of the data that it says it is going to.
The data file upload utility needs to be thoroughly tested.

History

#1 Updated by Dan Higgins over 18 years ago

This should not be a problem if socket has a reasonable timeout value set -
Dan Higgins

#2 Updated by Matt Jones over 18 years ago

Obsoleted because the socket system is no longer used, as it was replaced by
"multipart/form-data" encoded data transferred using vanilla http. See bug 191
for a detailed description. The socket implementation of file upload has been
removed from Metacat.

#3 Updated by Redmine Admin almost 7 years ago

Original Bugzilla ID was 181

Also available in: Atom PDF