Date: Tue, 25 Jan 2022 00:09:47 +0000 From: bugzilla-noreply@freebsd.org To: desktop@FreeBSD.org Subject: [Bug 236109] graphics/ImageMagick6-nox11: policy.xml still needed? Message-ID: <bug-236109-39348-xz1IKrkGta@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-236109-39348@https.bugs.freebsd.org/bugzilla/> References: <bug-236109-39348@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D236109 Adriaan de Groot <adridg@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |adridg@freebsd.org Resolution|--- |Not A Bug Status|New |Closed --- Comment #2 from Adriaan de Groot <adridg@freebsd.org> --- Since the patched `policy.xml` is installed as a sample file, it doesn't ma= tter much. However, the *un*patched policy file does a poor job of showing what kinds of policies / restrictions one might want to put in place. For that matter, so does the documentation at https://legacy.imagemagick.org/script/security-policy.php . So overall: we have a sample file that shows what might make sense if you're exposing ImageMagic to untrusted remote users: don't decode from https, .. don't support format MVG or MSL, whatever those are. The patch doesn't hurt, and might help a little. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-236109-39348-xz1IKrkGta>