Can the .read method execute any files?

I need to read (and parse) a user uploaded file. I check it's MIME
types, as well to see if includes proper headers by reading the file,
but I was wondering can something like params[:uploaded_file].read
trigger any EXEs or ruby/php/etc files? Or, is "read" good to go?

read does just return the bytes in the IO stream to you - it doesn't
do anything with them.


If you are planning on just uploading the file and you don't want to
upload executable files you should check for that before allowing the

Thank you Frederick.
That's what I was thinking (hoping).

I do check it's MIME type before uploading, but the file is actually
never saved. So as long as .read, or parsing, won't trigger the exe/
ruby/php script, then I think I'm ok.