by PikachuEXE » 2018-09-02T19:16:16-07:00
Saw this in change log for 7.0.8-11:
Add support for "module" security policy.
Also see a new line for policy.xml:
https://github.com/ImageMagick/ImageMag ... cy.xml#L72
<!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
My question is: What can we put in pattern?
I already got errors when processing jpeg files with my existing policy.xml file
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policymap [
<!ELEMENT policymap (policy)+>
<!ELEMENT policy (#PCDATA)>
<!ATTLIST policy domain (cache|delegate|coder|path|resource|system) #IMPLIED>
<!ATTLIST policy name CDATA #IMPLIED>
<!ATTLIST policy rights CDATA #IMPLIED>
<!ATTLIST policy stealth CDATA #IMPLIED>
<!ATTLIST policy cache CDATA #IMPLIED>
<!ATTLIST policy coder CDATA #IMPLIED>
<!ATTLIST policy delegate CDATA #IMPLIED>
<!ATTLIST policy pattern CDATA #IMPLIED>
<!ATTLIST policy path CDATA #IMPLIED>
<!ATTLIST policy system CDATA #IMPLIED>
<!ATTLIST policy value CDATA #IMPLIED>
]>
<policymap>
<policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/>
<policy domain="delegate" rights="none" pattern="*" />
<policy domain="coder" rights="none" pattern="*" />
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
</policymap>
by fmw42 » 2018-09-02T20:13:21-07:00
You can enter either read or write or read|write (for both). Or keep it none.
Your policy.xml allows you to read and write GIF, JPEG, PNG, WEBP. So you already have permission for reading and writing JPEG. I am not sure about the new module policy. I suspect it relates to a potential security deficiency in the Ghostscript delegate for reading and writing PS, PDF, XPS.
by fmw42 » 2018-09-02T22:46:40-07:00
Try editing to add JPG in addition to JPEG:
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,JPG,PNG,WEBP}" />
If that does not help, then perhaps post this to the Bugs forum.
But before that, post your JPG file to see if there is anything wrong with it.
You could also comment out that policy line and it should go back to the default, which I believe is wide open in that regard.
by PikachuEXE » 2018-09-04T01:07:09-07:00
Changing to
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,JPG,PNG,WEBP}" />
does help, thanks.
But why does the name change now?
What are the available values?
by fmw42 » 2018-09-04T09:05:48-07:00
> But why does the name change now?
What name change? Please clarify.
by PikachuEXE » 2018-09-04T18:32:51-07:00
fmw42 wrote: ↑ 2018-09-04T09:05:48-07:00
> > But why does the name change now?
> What name change? Please clarify.
I mean the `JPEG` => `JPG` in "coder"
by fmw42 » 2018-09-04T19:14:11-07:00
I am not sure I understand. What is happening when you convert to a jpg image and what suffix are you using?
by PikachuEXE » 2018-09-04T20:31:44-07:00
My files are using both .jpg and .jpeg as file name suffixes.
But the old policy (without `JPG` in the coder policy) worked before 7.0.8-11.
On 7.0.8-11 it raises an error, as mentioned at
viewtopic.php?f=1&t=34667#p159121
by fmw42 » 2018-09-04T20:46:41-07:00
The IM developers will need to comment. Perhaps they tightened the security policy in that regard.
by PikachuEXE » 2018-09-04T23:52:20-07:00
The error only occurs when I use `convert`, which converts an image file to a `.jpg`, like
But if I use jpeg as suffix, there is no error:
But I am not sure if this behaviour is intended or a bug
by fmw42 » 2018-09-05T09:26:07-07:00
convert is IM 6 syntax. You are on IM 7. To use convert, which would fall back to IM 6 processing on IM 7. On a Unix system, you could make a symbolic alias between convert and magick. Then when you use convert you would actually run magick on IM 7. On Windows, you need to check the legacy option when installing to allow you to use convert.
If you changed your policy.xml file as above, then I am not sure why convert would not work on jpg or jpeg suffixes.
At this point, I will have to defer to the IM developers to comment further.
by dlemstra » 2018-09-15T07:30:06-07:00
What happens when you try the following configuration:
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
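
A way to check a deny-by-default policy.xml against the format names a service relies on, modelling the JPEG/JPG behaviour reported in this thread (an added example, not ImageMagick's code and not written by any poster). It assumes entries apply in file order with the last match winning, case-sensitive matching of uppercase format names, and that a name no entry matches is unrestricted; `expand_braces`, `effective_rights` and `audit` are hypothetical helper names.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Constructed sample: the policy entries from the first post (DTD omitted).
POLICY_XML = """<policymap>
  <policy domain="delegate" rights="none" pattern="*" />
  <policy domain="coder" rights="none" pattern="*" />
  <policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
</policymap>"""


def expand_braces(pattern):
    """Expand one level of {A,B,C} alternation into separate glob patterns."""
    start, end = pattern.find("{"), pattern.find("}")
    if start == -1 or end < start:
        return [pattern]
    head, tail = pattern[:start], pattern[end + 1:]
    return [head + alt + tail for alt in pattern[start + 1:end].split(",")]


def effective_rights(policy_xml, domain, name):
    """Return the set of rights granted to `name`, or None if no entry matched.

    Assumption: entries are applied in file order and the last match wins.
    """
    rights = None
    for policy in ET.fromstring(policy_xml).iter("policy"):
        pattern = policy.get("pattern")
        if policy.get("domain") != domain or pattern is None:
            continue
        if any(fnmatch.fnmatchcase(name, g) for g in expand_braces(pattern)):
            value = policy.get("rights", "")
            rights = {r.strip().lower() for r in value.split("|")} - {"none", ""}
    return rights


def audit(policy_xml, domain, names, needed=("read", "write")):
    """List the names that a matching entry leaves without all `needed` rights."""
    blocked = []
    for name in names:
        rights = effective_rights(policy_xml, domain, name)
        if rights is not None and not set(needed) <= rights:
            blocked.append(name)
    return blocked


if __name__ == "__main__":
    print(audit(POLICY_XML, "coder", ["GIF", "JPEG", "JPG", "PNG", "WEBP"]))
```

Running the same audit with `domain="module"` against a file that carries a module entry shows which names that entry would leave blocked.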