On Tue, 27 Jan 2004, Brent J. Nordquist wrote: > The only thing that's been holding me back from doing that here, or > implementing similar measures (e.g. unzip and see if there's only a .scr > or .pif inside), is the fear of a "10 gigabytes of 0's" DoS ZIP file.
If you have GNU cut, this should be safe: unzip -p $part | cut -b -100000 | wc That should kill the unzip once it goes past 100K. Better yet, why not do the equivalent of: unzip -l $part | grep -i $bad_exts Just check if the unzipped file has any .exe, .pif, etc. in it. This is more reliable and future-proof than testing for a specific size. -- David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang