Windows IIS6 Instal/Security Concerns

Questions and postings pertaining to the usage of ImageMagick regardless of the interface. This includes the command-line utilities, as well as the C and C++ APIs. Usage questions are like "How do I use ImageMagick to create drop shadows?".
Post Reply
herrclauseman

Windows IIS6 Instal/Security Concerns

Post by herrclauseman »

Hello,

A client is requesting that we install ImageMagick for their use on a
shared 2003 IIS6 server. Everything I've read so far seems to indicate
that there are security concerns ie cmd.exe permissions for the ISUR
account etc... is there a "best practice" for the ImageMagick install
to make it as secure as possible?

Regards,
Jason
Top
User avatar
magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Windows IIS6 Instal/Security Concerns

Post by magick »

We include an ImageMagick COM object which should be more secure than accessing ImageMagick from the command line. See http://www.imagemagick.org/script/ImageMagickObject.php. We also include a security policy that by default any coder, delegate, filter, or file path is permitted. Use a policy to deny access to, for example, the MPEG video delegate, or permit reading images from a file system but deny writing to that same file system. Or use the resource policy to set resource limits (e.g. large images are cached to disk rather than memory). See policy.xml @ http://www.imagemagick.org/script/resou ... #configure.

We are primarily Linux developers so hopefully a user more familiar with the Windows environment will comment about Windows security and ImageMagick.
Top
Post Reply

Return to “Users”