imagemagick: Disable insecure coders (ImageTragick)

See:

* https://imagetragick.com/
* https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588

+17
+2
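--- a/pkgs/applications/graphics/ImageMagick/default.nix
+++ b/pkgs/applications/graphics/ImageMagick/default.nix
@@ -24,6 +24,8 @@
 sha256 = "0q19jgn1iv7zqrw8ibxp4z57iihrc9kyb09k2wnspcacs6vrvinf";
 };
 
+patches = [ ./imagetragick.patch ];
+
 outputs = [ "out" "doc" ];
 
 enableParallelBuilding = true;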
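Review bot: The new `patches` entry carries no comment saying what it guards against, so a later version bump on which the hunk no longer applies could be resolved by simply dropping it. A line such as `# ImageTragick: deny the EPHEMERAL, URL, HTTPS, MVG and MSL coders in the default policy.xml` above it would record the intent. The surrounding derivation starts and ends outside this hunk, so whether other outputs or variants ship their own policy.xml cannot be checked from here.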
+15
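--- a/pkgs/applications/graphics/ImageMagick/imagetragick.patch
+++ b/pkgs/applications/graphics/ImageMagick/imagetragick.patch
@@ -0,0 +1,15 @@
+diff --git a/config/policy.xml b/config/policy.xml
+index ca3b022..b058c05 100644
+--- a/config/policy.xml
++++ b/config/policy.xml
+@@ -58,4 +58,10 @@
+ <!-- <policy domain="resource" name="time" value="3600"/> -->
+ <!-- <policy domain="system" name="precision" value="6"/> -->
+ <policy domain="cache" name="shared-secret" value="passphrase"/>
++
++ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
++ <policy domain="coder" rights="none" pattern="URL" />
++ <policy domain="coder" rights="none" pattern="HTTPS" />
++ <policy domain="coder" rights="none" pattern="MVG" />
++ <policy domain="coder" rights="none" pattern="MSL" />
+ </policymap>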
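Review bot: The deny list in the added policy lines names HTTPS but not the plain HTTP or FTP coders, so it is worth confirming that the `URL` pattern really matches those in this ImageMagick version; if it does not, remote fetches through them stay enabled. Adding `<policy domain="coder" rights="none" pattern="HTTP" />` and `<policy domain="coder" rights="none" pattern="FTP" />` next to the HTTPS line would close that gap explicitly. The policy only restricts coders; the advisory linked in the commit message also recommends verifying magic bytes before files reach ImageMagick, which callers still have to do themselves. A check at build or install time that the shipped policy.xml contains these entries would catch a silent loss of the mitigation after an upstream update.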