SOLVED

storing executables/binaries in sharepoint document libraries

Highlighted
New Contributor

As far as I know it's a bad idea. I've looked around but can't find specific technical reasons why it's bad to do so, can anyone advise? 

6 Replies
Highlighted
Best Response confirmed by adam deltinger (MVP)
Solution
Hi,

SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.

https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30...

However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code

https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/

There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.

I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc

If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative

There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.

Hope that helps answers your question!

Best, Chris
Highlighted
I’m for. It doesn’t really matter what goes in. Cloud storage is cloud storage. They don’t change and really isn’t anything I could say as to why I wouldn’t.
Highlighted

@baronnenateWhen you store a file in a library and click the file, SharePoint will attempt to launch/run the file. In the case of regular documents, that's not a problem. But if your file is an executable or html, etc. and SharePoint attempts to launch/run the file it can create problems. I locked up my entire machine once with some .exe and had to pull the plug and reboot.

 

If you think your users are going to remember to select the file, then click the download button to save to their hard drive before launching the exe, you have more faith in humanity than I do. 

 

Be smart, be safe. Zip the files then upload them. Yes, it's an extra step to unzip them but it's better than the alternative.

Highlighted
Exe files should not run by default from SharePoint the mime type shouldn't be anything other than download from a technical perspective. Now if you try to run it from windows explorer sync then you have a stand alone exe that could make things unhappy depending on how that exe tries to find it's file path :P.
Highlighted

the use case here is quite simple really, it's the storing of our product binaries/installers so we can share them with select customers (privately) without storing them somewhere public like S3 or Azure Blobthingy 

Highlighted

@baronnenateI would zip them and then post them as desired.