We allow users to upload a number of files, all of which we either send over to scribd (doc, xls, ppts, etc) or display as a video ourselves (flv, mov, mp4, etc in flowplayer).
To avoid users uploading unsafe files, we check against a set of known "safe" file extensions and then check the output of the file -i -b command which gives us the MIME type.
Usage: file [OPTION]... [FILE]...
Determine file type of FILEs.
...
-i, --mime output mime type strings
Is this adequate protection to keep 'unsafe scripts' off our server or do folks use something different?