I have a web application that allows users to upload certain documents relevant to their account (Word/Excel/PowerPoint etc.). I’m building this with CodeIgniter and I just wanted to check that I’m not missing anything security-wise.
- MIME types of the file are checked
- Maximum size is checked
- The filename is hashed
- The filename is never seen by any user; rather, when clicking a “download” link, the safedownload controller is called with an ID (http://www.example.com/safedownload/1245/)
Is there anything I’m missing? The CHMOD of the files in the directory is currently set to 0600; is that secure?
Thanks.
Have you considered the way the files are accessed later? There is a common flaw you should be aware of:
If the filepath can be manipulated in any way, it is possible that your server could be accessed completely outside the folder you store the documents in, for instance ../../../etc/somefile.
To protect against this, you could check the filepath that is about to be accessed for ‘..’ to be sure no one has found a way to get those characters in the command your code executes!
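
The check described in the reply above, as an added example that is not part of the original thread: it refuses names containing ‘..’ and then goes one step further, resolving the path with realpath() and confirming the result still lies inside the upload directory. The function name, directory layout and file names are hypothetical; it assumes a POSIX system and that the stored (hashed) name has already been looked up from the download ID.

```php
<?php
// Added example with hypothetical names; not code from the thread or from CodeIgniter.

/**
 * Return the canonical path of $storedName inside $baseDir, or null if the
 * name is rejected or resolves to anything outside that directory.
 */
function resolve_download_path(string $baseDir, string $storedName): ?string
{
    // The check from the reply: refuse '..' outright (and NUL bytes, empty names).
    if ($storedName === '' || strpos($storedName, '..') !== false
        || strpos($storedName, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() follows symlinks and collapses dot segments; false if missing.
    $real = realpath($base . DIRECTORY_SEPARATOR . $storedName);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Compare against the base plus a trailing separator, so a sibling such as
    // /data/uploads_old can never pass as being inside /data/uploads.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

// Constructed demo data: a temporary upload directory holding one stored file,
// one file outside it, and a symlink inside it that points outside.
$root = sys_get_temp_dir() . '/upload_demo_' . bin2hex(random_bytes(4));
mkdir("$root/uploads", 0700, true);
file_put_contents("$root/uploads/3f2a9c.docx", 'demo');
file_put_contents("$root/secret.txt", 'outside');
symlink("$root/secret.txt", "$root/uploads/link");

foreach (['3f2a9c.docx', '../secret.txt', 'link', 'missing.docx'] as $name) {
    $path = resolve_download_path("$root/uploads", $name);
    printf("%-16s %s\n", $name, $path === null ? 'rejected' : 'served');
}
```

The symlink case shows why the resolved path is compared as well: the name `link` contains no ‘..’, yet it resolves to a file outside the upload directory.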