Last modified: 2011-04-14 15:11:13 UTC
HOW TO: Download the linked file (req. admin access on enwiki), rename to .rar, extract.
PROBLEM: Users using Wikipedia as RapidShare replacement by appending compressed files to legitimate graphics uploaded to our servers.
POSSIBLE SOLUTION: Add code to detect RAR compression appended to valid graphics files and fail the upload.
Why look for RAR and not five million other archive formats? What about trivially obfuscated files? Encrypted files? etc.
(In reply to comment #1)
> Why look for RAR and not five million other archive formats? What about
> trivially obfuscated files? Encrypted files? etc.
It's simple really... Your average JPG viewer stops reading the file after the end tag. RAR ignores anything prior to the RAR header. So you've got the perfect combination with JPG and RAR. But a few other archive formats/image formats could potentially work. There are tutorials all over the internet, including the EN WP article on RAR, showing how to do the JPG/RAR combination though.
Convenient. :) Greg's putting together a list of files with known issues, we'll have a good test set of this and other formats.
http://commons.wikimedia.org/wiki/User:Gmaxwell/possiblyevilimages
http://en.wikipedia.org/wiki/User:Gmaxwell/possibly_evil_images
Lists not yet filtered.
Note that Commons uploads are being checked (third-party) for embedded RARs.
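An upload-side check for the JPG/RAR combination described in this thread, as an added example (not code from this bug report or from MediaWiki): it walks the JPEG segment structure to find the real end-of-image marker, then reports whatever follows it and whether that tail contains a RAR signature. The names `jpeg_end` and `check_upload` are hypothetical, and the sample bytes are constructed to be structurally valid for the walker, not a decodable picture.

```python
import struct

RAR_MAGIC = b"Rar!\x1a\x07"        # shared prefix of the RAR 4.x and 5.x signatures
RST = set(range(0xD0, 0xD8))       # restart markers: no length field
NOT_A_MARKER = RST | {0x00}        # inside scan data, FF 00 is a stuffed byte

def jpeg_end(data: bytes) -> int:
    """Offset just past the real EOI, found by walking segments so an EOI
    inside an APPn payload (e.g. an EXIF thumbnail) is not mistaken for it."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                      # fill byte preceding a marker
            pos += 1
        elif marker == 0xD9:                    # EOI
            return pos + 2
        elif marker in RST or marker == 0x01:   # stand-alone markers
            pos += 2
        else:
            if pos + 4 > len(data):
                break
            (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
            if length < 2:
                raise ValueError(f"bad segment length at offset {pos}")
            pos += 2 + length
            if marker == 0xDA:  # SOS: skip entropy-coded data to the next marker
                while pos + 1 < len(data) and not (
                    data[pos] == 0xFF and data[pos + 1] not in NOT_A_MARKER
                ):
                    pos += 1
    raise ValueError("truncated JPEG: no EOI")

def check_upload(data: bytes) -> dict:
    end = jpeg_end(data)
    tail = data[end:]
    return {"image_bytes": end, "trailing_bytes": len(tail),
            "rar_appended": RAR_MAGIC in tail}

def _seg(marker: int, payload: bytes) -> bytes:
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: APP1 holds a fake thumbnail with its own SOI/EOI.
SAMPLE_JPEG = (b"\xff\xd8" + _seg(0xE1, b"Exif\x00\x00\xff\xd8\xff\xd9")
               + _seg(0xDA, b"\x01\x01\x00\x00\x3f\x00")
               + b"\x12\xff\x00\x34\xff\xd0\x56" + b"\xff\xd9")
SAMPLE_POLYGLOT = SAMPLE_JPEG + RAR_MAGIC + b"\x00constructed-archive-body"
```

Rejecting on `trailing_bytes` above a small threshold, rather than on the RAR signature alone, also covers the other archive formats and obfuscated payloads raised in comment #1.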