Re: Proposed method for file attachments and uploads
I’m not sure about forum software, but I know about file uploads based on other work I’ve done.
Typically the idea is to always rename the files when they are uploaded and before you save them anywhere, only allow certain file types, limit the size, and make sure permissions are set correctly. Usually you should trigger some type of anti-virus software to scan the directory and make sure nobody is posting viruses.
By ignoring the the filenames passed in, you prevent anybody from being able to pass in filenames containing “../” or something like that to write to other directories. You can do a regex and/or mime type check to see what type of file it is so you can name the extension correctly.
Only allowing certain file types is probably a good idea, and making sure to scan files with antivirus is also extremely necessary.
What I’ve been considering is writing an attachments plugin that only allows images to be uploaded by regular users, but moderators can attach zipfiles as well. The idea there is that moderators can be trusted, and there’s fairly little risk in uploading images (we do it for avatars today)