Security Best Practices

This section outlines some security best practices to consider when using File Content Extraction.

  • Keep File Content Extraction Up to Date. New releases may include security updates, including updates to third-party libraries. See Third-Party Library Upgrade Policy.
  • Protect the Temporary Directory. File Content Extraction can write sensitive information to the temporary directory, so this location must be protected. See Protect the Temporary Directory.
  • Run File Content Extraction with Minimal Privileges. In the event that a malicious actor causes File Content Extraction to behave dangerously, the potential damage is limited if File Content Extraction is running with fewer privileges. See Run XML Export with Minimal Privileges.
  • Run Export Out-of-Process. Export can process documents in a separate process, which protects the stability of the calling application. OpenText strongly recommends that you configure Export to do this, by using the instructions in Convert Files Out-of-Process.

  • Prevent DLL Pre-loading Attacks. When your application attempts to load the kvxml shared library and it is not found, the Operating System may search various locations, which can lead to a DLL pre-loading attack. For ways to prevent this, see Mitigate Against DLL Pre-Loading.

  • Sanitize absolute paths when extracting subfiles. Container files can specify paths that point outside the extract directory, which can lead to a type of path traversal vulnerability known as Zip Slip. File Content Extraction automatically sanitizes relative paths to prevent this, but OpenText recommends also configuring File Content Extraction to sanitize absolute paths. See Sanitize Absolute Paths.