Allowing users to upload SWF files on my site?


fortedsx
09-25-2009, 01:56 PM
Is it a good idea to let users upload .swf files? Wouldn't there be security risks? But then, how do deviantArt.com and Newgrounds.com protect themselves from such vulnerabilities?

What are the things I should consider before allowing people to upload flash content to my site? And how can I safeguard my site from attacks caused by malicious Flash content sent by the user? I don't think just checking the file header or extension will be enough. Chmod and setting an htaccess file might be just the tip of the iceberg.

Oh, and by the way, I'm using PHP to allow users to upload their files.


Thanks

iGeek
09-25-2009, 07:55 PM
A little bit of Googling came up with this article: http://blogs.adobe.com/stateofsecurity/2007/07/how_to_restrict_swf_content_fr_1.html

In my opinion you should probably set allowScriptAccess=never and allowNetworking=internal.
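
Added example, not part of the original posts: a PHP sketch that ties the upload side of the question to the two embed parameters suggested above. The function names, upload directory and URL handling are hypothetical; the signature check is only a first filter, and the restriction itself comes from the `allowScriptAccess` and `allowNetworking` parameters on the page that embeds the file.

```php
<?php
declare(strict_types=1);

// Added example: helper names are hypothetical. The two embed parameters
// are the ones named in the post above.

/** Accept only files whose first three bytes are an SWF signature. */
function looks_like_swf(string $path): bool
{
    $head = (string) file_get_contents($path, false, null, 0, 3);
    return in_array($head, ['FWS', 'CWS', 'ZWS'], true);
}

/** Store the upload under a server-chosen name, never the client's filename. */
function store_swf_upload(array $file, string $uploadDir): string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if (!looks_like_swf($file['tmp_name'])) {
        throw new RuntimeException('not an SWF file');
    }
    $name = bin2hex(random_bytes(16)) . '.swf';
    if (!move_uploaded_file($file['tmp_name'], $uploadDir . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    return $name;
}

/** Render the embed markup with script access and networking restricted. */
function render_swf_embed(string $url, int $width, int $height): string
{
    // Escape the URL so a stored name or path cannot break out of the attribute.
    $u = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
    return <<<HTML
<object type="application/x-shockwave-flash" data="$u" width="$width" height="$height">
  <param name="movie" value="$u">
  <param name="allowScriptAccess" value="never">
  <param name="allowNetworking" value="internal">
</object>
HTML;
}
```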

fortedsx
09-26-2009, 01:26 AM
Thank you so much. I was using keywords like 'swf', 'risks', 'php' and 'security' when I was searching on Google. Looks like I have more to learn :)