if its linux or windows?

what are the bad sides to it.

Thanks,

It depends on who you're allowing to upload and where the file is being uploaded on the server. If the file is being uploaded outside the web root and it can't be ran from a web browser then it should be fine. Otherwise I wouldn't allow some one to upload an exe on Windows or Linux. Just mainly because they could upload a virus and send people a link to your site to download it.

I wouldnt allow .exe at all on windows because it could be a virus/trojen, i dont think linux would be harmed... as i recall.

Forget all that, your server provider may not allow .exe files (to prevent pirated software "warez" to be uploaded). Check with your provider first.

Secondly -- don't rely on extensions to determine what the file can do.

Thirdly -- make sure your permissions are setup properly. 99% of the problems with uploading files (and security vulnerabilities) are caused by inappropriate permissions.

An executable file itself isn't necessarily a threat, unless you're providing users with some sort of execution environment. As that is unlikely, and you will likely want to ensure that it stays that way, you should pay a good deal of attention to preventing the unintentional execution of code.

You should always treat any information generated by the user and sent to the remote server as dirty. Characters such as semi-colon should be replaced with inert equivalents before you do anything beyond storing it in a database field. Certaintly it should be done before you include it in any server generated page or step that invokes server side executables.

The important characters are often system dependent.