Tiff is a quite a complicated format. Its implementation can contain vulnerabilities. Some man creates tickets with tiffs attached: legacy/trac#23140, legacy/trac#23085. People consider this as an attack. They even ask him in a rude form not to post tiffs. Maybe we should protect him from such a rudeness ;) I suggest to disallow uploads of non-text formats other than the ones in the following whitelist: ["png"].