author | Cristy <urban-warrior@imagemagick.org> | 2017-02-09 18:45:55 -0500 |
---|---|---|
committer | Cristy <urban-warrior@imagemagick.org> | 2017-02-09 18:45:55 -0500 |
commit | 56c6bc3705f49f3acd3b7726ae33e36e8c1af71d (patch) | |
tree | db85d204e102b2a8095bf3b5febf424f64fc69ef /config/policy.xml | |
parent | 08359ab14b5ac19de9032906cf488340ec721a1b (diff) | |
download | ImageMagick-56c6bc3705f49f3acd3b7726ae33e36e8c1af71d.tar.gz |
...
Diffstat (limited to 'config/policy.xml')
-rw-r--r-- | config/policy.xml | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/config/policy.xml b/config/policy.xml index 5ec314c46..c1b678381 100644 --- a/config/policy.xml +++ b/config/policy.xml @@ -13,7 +13,7 @@ Domains include system, delegate, coder, filter, path, or resource. - Rights include none, read, write, and execute. Use | to combine them, + Rights include none, read, write, execute and all. Use | to combine them, for example: "read | write" to permit read from, or write to, a path. Use a glob expression as a pattern. @@ -47,6 +47,13 @@ with SI prefixes (.e.g 100MB). In addition, resource policies are maximums for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB exceeds policy maximum so memory limit is 1GB). + + Rules are processed in order. Here we want to restrict ImageMagick to only + read or write a small subset of proven web-safe image types: + + <policy domain="delegate" rights="none" pattern="*" /> + <policy domain="coder" rights="none" pattern="*" /> + <policy domain="coder" rights="all" pattern="{GIF,JPEG,PNG,WEBP}" /> --> <policymap> <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> --> |
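Review bot: In the first hunk (@@ -13,7 +13,7 @@), the rights list now names "all" but the comment never says what it covers. Since the next sentence explains combining rights with |, add a clause stating whether "all" is the same as "read | write | execute", so readers know what they grant when they use it.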
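Review bot: In the second hunk (@@ -47,6 +47,13 @@), the prose says the goal is to "only read or write" a small set of image types, but the allow-list line grants rights="all", which per the rights list above also includes execute. Consider rights="read | write" on the {GIF,JPEG,PNG,WEBP} line so the example matches its description. Two documentation points on the same lines: "Rules are processed in order" should say outright that a later matching rule overrides an earlier one, because the example only works if the coder allow-list placed after the two pattern="*" deny rules takes precedence; and the three policy lines sit above the closing --> and so are part of the comment, which "Here we want to restrict" does not make obvious. A short remark that they must be copied into <policymap> to take effect would prevent someone assuming the shipped file already enforces them.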