FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Please support .zip attachments

waclawek.jan
Guru

‎2023-08-05 05:01 AM

The forum allows .z, .7z, but does not allow .zip attachments.

Please fix.

JW

Labels:
12 REPLIES 12
RhSilicon
Lead

‎2023-08-05 05:09 AM

:see_no_evil_monkey:

0 Kudos
Tesla DeLorean
Guru

‎2023-08-05 05:41 AM

+1

Not any more intrinsically safe / unsafe as an other archiving method, and can be scanned. Lack of support just adds to reasons not to participate.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
Lina_DABASINSKAITE
Community manager
Community manager

‎2023-08-18 02:06 AM

Hello all, 

The type: .zip is excluded due security recommendations. Let me please check internally what could be done about it. 

BR,
Lina


In order to give better visibility on the answered topics, please click on 'Accept as Solution' on the reply which solved your issue or answered your question.
0 Kudos
Johi
Senior III

‎2023-09-24 03:28 AM

Very good proposal. On top of this the 5 MB limit is also a bit outdated. At least we should be able to share zipped example programs to support each other and indirectly ST.

0 Kudos
Tesla DeLorean
Guru
In response to Lina_DABASINSKAITE

‎2023-09-24 10:51 AM

The security issue would be WHAT'S IN THE ZIP, the integrity of the files can be readily established, and the content scanned for threats.

Don't allow them to contain EXE/DLL files, or be password protected / encrypted.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
Piranha
Chief II

‎2023-11-26 11:21 AM - edited ‎2023-11-26 11:48 AM

Tried adding some files to this topic:

https://community.st.com/t5/stm32-mcus-embedded-software/how-to-make-ethernet-and-lwip-working-on-stm32/td-p/261456

Piranha_0-1701025175036.png

The RAR, 7Z, TAR and XZ archives are supported, but not ZIP because of "security". Also does any of those "security experts" even know that a DOCX, XLSX and PTPX files are also ZIP files with a different extension? @Lina_DABASINSKAITE , do you have any clue what level of nonsense you are talking here?

Oh, but it lists HEX as an accepted format - let's try that...

Piranha_1-1701025545502.png

A perfectly normal HEX files "does not match its file extension". One can see those HEX files added to that topic as a TXT files.

waclawek.jan
Guru

‎2024-05-09 05:54 AM - edited ‎2024-05-09 05:54 AM

This is still a bug. As explained above, "security concern" is nonsense.

JW

Tesla DeLorean
Guru
In response to waclawek.jan

‎2024-05-09 05:59 AM

.docx are ZIP files..

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
waclawek.jan
Guru

‎2024-07-27 12:07 AM

@Lina_DABASINSKAITE, @Amelie ACKERMANN , can this please be rectified asap.

We need to be able to exchange packs of files. .zip is an industry standard, and, as pointed out by many, other packed formats (some of which are proprietary thus require installing/running proprietary unpackers, hence pose a significantly larger security risk) are allowed; and also formats which in fact have the same underlying .zip structure.

In other words, the quoted security concerns are moot.

We need to exchange .hex and .elf files, too - either standalone or as part of .zip  - those result from source files compilation and are vital for being able to help users with specific problems which stem from the compilation process. Those don't pose any significant security issues either, as they are not run on PCs but on microcontrollers.

JW

Top