Has anyone found a good solution for attachments & security?
I'd like to save attachments, but am concerned about the security.
There are two aspects:
1) Server. This can be solved, specifically by controlling the path,
file name, and size of the attachments.
2) User. I don't see how this could be solved. I don't want my site
to have links to virii and other nasties that could be sent in email.
Yes, I could scan them, but scanning is never perfect.
Any ideas?
(One compromise is to store attachments in some akward encoding, like
base 64 - if the user is proficient enough to decode them, he should
be able to handle the security risks. Needless to say, this is not a
good solution...)