Well, I'd say currently, PDF's are not very commonly uploaded. I wouldn't want
to take a lot of your time on this, especially if it's not a perfect solution.
I'm not sure what Abdur-Rahmaan means about
though as a programmer i'm sometimes wary of pdfs, i think a system like
google drive which checks before downloading might work ok (we'll check on
uploading).
or a serverside check on back-end maybe if a trusted one exists.
But I guess it's something like scanning the file before it actually uploads?
I suppose it might be more convenient to copy the PDF and take to a free online
scanner (rather than moderators downloading them).
Does anyone know a reliable free online malware scanner? Or other ideas?
Should I copy this to the Devel list, for more comments?
I mean, for that matter, I think the same thing is true for SVGs, isn't it?
They can contain scripts which could potentially be malicious, right? I wonder
if there is some server side scanner which could automatically check all
uploads?
brynn
-----Original Message-----
From: Martin Owens
Sent: Wednesday, March 07, 2018 7:18 PM
To: brynn ; Inkscape-Docs
Cc: Abdur-Rahmaan Janhangeer ; die humblex
Subject: Re: welcome new moderator, and discuss PDFs
It's possible to convert a pdf to an image on the webserver to aid with
the problem. Wouldn't be a completely proof solution, but would help.
If this seems like it would be urgently need, I can spend some time on
it.
Best Regards, Martin Owens
On Wed, 2018-03-07 at 18:30 -0700, brynn wrote:
Hi Fellow Moderators!
Welcome to our newest moderator, Abdur-Rahmaan
Janhangeer. Now with 6
moderators, 3 of which are able visit on almost daily basis, I'm
starting to
feel like the system is really able to meet its potential.
(Fyi Everyone, JAKE is now Panda.)
I'd also like to discuss a moderation issue regarding
PDFs. There was a
recent image, I think it was the map of Europe, uploaded as a
PDF. One comment
which was posted, along with a vote to delete, was "pdf can contain
viruses or
get your ip on opening".
While I understand that potentially can happen, PDF is an
acceptable
format for uploaded resources (whether image or text) in the
gallery. So we
can't delete them only because they are PDFs.
However, since their contents are not displayed, we must open
them, to
find out if they meet the CoC guidlines. What would be the best way
to get a
look at the contents, without risking our personal privacy and/or
security?
I'm thinking we should download and run our local security
scans, before
opening. (Or I suppose there are some free online scanners. Don't
have any
links right offhand though.) Does anyone know of a better,
possibly less time
consuming (and memory eating) way to get a safe look at the contents?
All best,
brynn
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Inkscape-docs mailing list
Inkscape-docs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/inkscape-docs
