As Scott said not really an issue unless someone gains access to your server
to change the file extension and execute the file.
If you're worried about uploads, the best way I have found is to disallow
write access in the root of your site and then create a virtual directory
which allows write, and read access only (i.e. not the ability to run
scripts, or execute). This way ensures that if someone uploads an ASP file
then the code cannot be navigated to and run by a malicious user, this would
otherwise potentially allow people to create havoc on your web server. (and
this is one way that someone could in certain circumstances use that
uploaded virus)
Matt
Srini said:
If I allow the user to upload a file of extension .gif to the web server
will the user be able to upload a virus (by renaming a .exe to .gif) to the
web server
