Home Tutorials Forums Articles Blogs Movies Library Employment Press
Old 06-26-2008, 12:25 AM   #1
Registered User
Join Date: Jun 2008
Posts: 1
Default Allowing users to upload SWFs -- security?

Hi all,

I'm involved in developing a media repository and the owners want people to be able to upload SWF files, and then allow public browsing of those SWF files via the web.

My concern is that people might be able to fill their SWFs full of code to (for example) access the server's file system, or hunt for passwords, or dump the memory of the server to the screen, or other malicious activity.

Has anyone got any advice as to where to start looking at the security implications, and/or how best to lock these SWFs down?

They'll be hosting on a Windows 2003 Server. I will already be insisting that the SWFs served to the browser will be served through some kind of 'wrapper' SWF of my construction, but will that make any difference? Could you code an SWF that can punch its way out of the wrapper and get loose on the server?

Many thanks in advance for any advice! :-)
septicman is offline   Reply With Quote

Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Session variables not avalable to all users?!? nmalhot Flash Remoting 0 01-24-2005 04:06 AM
Why everyone hates (or should hate!) mircosoft stealthelephant General Chat 100 01-07-2005 01:17 PM
allowing users to save what they see rockjock04 Simple Stuff (Newbies) 1 10-17-2002 08:09 AM
Flash MX Security Whitepaper Discussion Jesse General Chat 3 05-02-2002 11:29 AM
Allow users to upload information anthony ActionScript 1.0 (and below) 4 03-23-2001 10:16 AM

All times are GMT. The time now is 01:34 AM.

Follow actionscriptorg on Twitter


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Ad Management plugin by RedTyger
Copyright 2000-2013 ActionScript.org. All Rights Reserved.
Your use of this site is subject to our Privacy Policy and Terms of Use.