...

author: Cristy <urban-warrior@imagemagick.org> 2017-02-09 18:45:55 -0500
committer: Cristy <urban-warrior@imagemagick.org> 2017-02-09 18:45:55 -0500
commit: 56c6bc3705f49f3acd3b7726ae33e36e8c1af71d (patch)
tree: db85d204e102b2a8095bf3b5febf424f64fc69ef /config/policy.xml
parent: 08359ab14b5ac19de9032906cf488340ec721a1b (diff)
download: ImageMagick-56c6bc3705f49f3acd3b7726ae33e36e8c1af71d.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/config/policy.xml b/config/policy.xml
index 5ec314c46..c1b678381 100644
--- a/config/policy.xml
+++ b/config/policy.xml
@@ -13,7 +13,7 @@
 
   Domains include system, delegate, coder, filter, path, or resource.
 
-  Rights include none, read, write, and execute.  Use | to combine them,
+  Rights include none, read, write, execute and all.  Use | to combine them,
   for example: "read | write" to permit read from, or write to, a path.
 
   Use a glob expression as a pattern.
@@ -47,6 +47,13 @@
   with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
   for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
   exceeds policy maximum so memory limit is 1GB).
+
+  Rules are processed in order.  Here we want to restrict ImageMagick to only
+  read or write a small subset of proven web-safe image types:
+
+    <policy domain="delegate" rights="none" pattern="*" />
+    <policy domain="coder" rights="none" pattern="*" />
+    <policy domain="coder" rights="all" pattern="{GIF,JPEG,PNG,WEBP}" />
 -->
 <policymap>
   <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
author	Cristy <urban-warrior@imagemagick.org>	2017-02-09 18:45:55 -0500
committer	Cristy <urban-warrior@imagemagick.org>	2017-02-09 18:45:55 -0500
commit	56c6bc3705f49f3acd3b7726ae33e36e8c1af71d (patch)
tree	db85d204e102b2a8095bf3b5febf424f64fc69ef /config/policy.xml
parent	08359ab14b5ac19de9032906cf488340ec721a1b (diff)
download	ImageMagick-56c6bc3705f49f3acd3b7726ae33e36e8c1af71d.tar.gz