cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

storing executables/binaries in sharepoint document libraries

baronnenate
Copper Contributor

‎Nov 29 2019 07:42 AM

‎Nov 29 2019 07:42 AM

storing executables/binaries in sharepoint document libraries

As far as I know it's a bad idea. I've looked around but can't find specific technical reasons why it's bad to do so, can anyone advise? 

Labels:
9,424 Views
1 Like
6 Replies
Reply
6 Replies
best response confirmed by adam deltinger (MVP)
Christopher Hoard

‎Nov 29 2019 12:22 PM - edited ‎Nov 29 2019 12:23 PM

‎Nov 29 2019 12:22 PM - edited ‎Nov 29 2019 12:23 PM

Solution

Re: storing executables/binaries in sharepoint document libraries

Hi,

SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.

https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30...

However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code

https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/

There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.

I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc

If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative

There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.

Hope that helps answers your question!

Best, Chris
1 Like
Reply
Chris Webb

‎Nov 29 2019 07:12 PM

‎Nov 29 2019 07:12 PM

Re: storing executables/binaries in sharepoint document libraries

I’m for. It doesn’t really matter what goes in. Cloud storage is cloud storage. They don’t change and really isn’t anything I could say as to why I wouldn’t.
1 Like
Reply
Rachel Davis

‎Dec 02 2019 12:02 PM

‎Dec 02 2019 12:02 PM

Re: storing executables/binaries in sharepoint document libraries

@baronnenateWhen you store a file in a library and click the file, SharePoint will attempt to launch/run the file. In the case of regular documents, that's not a problem. But if your file is an executable or html, etc. and SharePoint attempts to launch/run the file it can create problems. I locked up my entire machine once with some .exe and had to pull the plug and reboot.

 

If you think your users are going to remember to select the file, then click the download button to save to their hard drive before launching the exe, you have more faith in humanity than I do. 

 

Be smart, be safe. Zip the files then upload them. Yes, it's an extra step to unzip them but it's better than the alternative.

0 Likes
Reply
Chris Webb

‎Dec 02 2019 12:09 PM

‎Dec 02 2019 12:09 PM

Re: storing executables/binaries in sharepoint document libraries

Exe files should not run by default from SharePoint the mime type shouldn't be anything other than download from a technical perspective. Now if you try to run it from windows explorer sync then you have a stand alone exe that could make things unhappy depending on how that exe tries to find it's file path :P.
1 Like
Reply
baronnenate

‎Dec 03 2019 12:55 AM

‎Dec 03 2019 12:55 AM

Re: storing executables/binaries in sharepoint document libraries

the use case here is quite simple really, it's the storing of our product binaries/installers so we can share them with select customers (privately) without storing them somewhere public like S3 or Azure Blobthingy 

0 Likes
Reply
Rachel Davis

‎Dec 04 2019 05:37 AM

‎Dec 04 2019 05:37 AM

Re: storing executables/binaries in sharepoint document libraries

@baronnenateI would zip them and then post them as desired. 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by adam deltinger (MVP)
Christopher Hoard

‎Nov 29 2019 12:22 PM - edited ‎Nov 29 2019 12:23 PM

‎Nov 29 2019 12:22 PM - edited ‎Nov 29 2019 12:23 PM

Solution

Re: storing executables/binaries in sharepoint document libraries

Hi,

SharePoint Online does not have restrictions on the types of file, as specified in this article. This could be taken as an indicator that it is ok to do so.

https://support.office.com/en-gb/article/types-of-files-that-cannot-be-added-to-a-list-or-library-30...

However, you will also see a lot of articles around that wouldn’t advise it such as this one. They are mainly from periods where there did used to be restrictions on file types. This was mainly because files like exe’s were seen as a security risk especially if they contained malicious code

https://www.google.co.uk/amp/iedaddy.com/2011/10/sharepoint-2010blocked-file-types/amp/

There are some articles out there which advise on mitigating the risk, such as zipping them before uploading, and others to restrict the permissions of who and where to upload them.

I think it is best to use common sense here. SharePoint online contains anti malware and Microsoft wouldn’t have removed the limit if they thought there was a serious risk to their platform or some major barrier from a technical perspective. They have millions of tenants on the public cloud and files like exe’s and bat’s can be uploaded to any one of them. They also have some of the best security systems out there to protect their own platform. Saying this, it’s always worth being vigilant as security is a shared responsibility so if you did decide there wasn’t any risk you should still do things like zipping and restricting the uploads to a specific place by specific personnel, ensure an RFC process to clear the file for upload etc

If you thought there was a risk keeping them in the same app as your other corporate documents you could always look at alternative locations such as a file share in Azure where you could put them into Blob storage and only accessed by people who need them. This is a cheap alternative

There will be people both for and against this so as much as best practice, it’s probably more down to personal judgement and your perception of risk in doing so.

Hope that helps answers your question!

Best, Chris

View solution in original post

1 Like
Reply