0

If you allow web users to upload documents to Mongo with GridFS, is there any risk of infecting your network with a virus?

Let's assume the Mongo instance is isolated, so no user can access it and download the files. Then the files will be virus scanned before being made available to our network outside of Mongo.

Since a virus generally requires an action (open in Word, run in PDF viewer) it seems like the introduced risk is minimal, but maybe I'm missing something?

javatestcase
  • 682
  • 1
  • 10
  • 25

1 Answers1

1

MongoDB just stores the bytes across multiple chunks so from a MongoDB perspective It's just storage, however the consumption of a file within GridFS could possibly effect network. Like most user import you should sanitize at the source input (When you first store the file).

Kevin Smith
  • 13,746
  • 4
  • 52
  • 77