File uploads are a common feature, but they carry significant security risk: malicious files can lead to code execution, malware distribution, or system compromise. Secure uploads require validating file types, sizes, and content, storing files safely, and serving them carefully.
File upload risks
Allowing users to upload files is dangerous if not secured:
✗ MALICIOUS executable/script files → could run on the server (e.g. uploading a web shell / script that gets executed → server compromise)
✗ MALWARE distribution (files served to other users)
✗ Oversized files → denial of service (disk/memory exhaustion)
✗ Path traversal in filenames (../../) → overwrite system files
✗ Files with misleading types/content (a .jpg that's actually a script)
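
The checks that counter the risks listed above, as an added example that is not part of the original page. The function name `validate_upload`, the 2 MiB limit, and the allowlist are assumptions chosen for illustration.

```python
import os
import secrets

MAX_BYTES = 2 * 1024 * 1024  # assumed limit; enforce it while streaming in production

# Allowlisted extensions and the magic bytes the content must start with.
SIGNATURES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
    ".pdf": (b"%PDF-",),
}


class UploadRejected(ValueError):
    """Raised when an upload fails a size, type, or content check."""


def validate_upload(client_name: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise UploadRejected."""
    if len(data) > MAX_BYTES:                      # oversized file -> DoS
        raise UploadRejected("file too large")
    # Treat both separator styles alike and keep only the last path component.
    base = os.path.basename(client_name.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if ext not in SIGNATURES:                      # scripts/executables fail here
        raise UploadRejected("extension not allowed")
    if not data.startswith(SIGNATURES[ext]):       # a .jpg that is really a script
        raise UploadRejected("content does not match extension")
    # The client-supplied name never reaches the filesystem (no ../../).
    return secrets.token_hex(16) + ext


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the page.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    samples = [("../../var/www/avatar.PNG", png),
               ("shell.jpg", b"<?php echo 1; ?>"),
               ("shell.php", png)]
    for name, body in samples:
        try:
            print(name, "->", validate_upload(name, body))
        except UploadRejected as err:
            print(name, "-> rejected:", err)
```

A magic-byte match only shows the file begins like the claimed type, so stored files should still live outside the web root and be served with an explicit content type.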
