Package: imagemagick-6-common
Version: 8:6.9.7.4+dfsg-9
Followup-For: Bug #860763

I agree with the original reporter here. The policy includes arbitrary limits which cannot easily be modified by invoking the commands. If we want to ensure the "resource" limits do not get exceeded in order to avoid a potential DOS, the admin should use ulimit(1).

The '<policy domain="path" rights="none" pattern="@*"/>' policy also kills the ability to annotate text in a pipe: echo 'x' | convert -annotate '@-' ... will fail with a 'not authorized' error, which is rather confusing as this is precisely the kind of example as done in the documentation. Of course, @[path] will allow to read-in external data, but this somehow implies that the user of convert is *not* under control of the annotation text. This seems a rather weak form of protection which prevents a rather useful feature.

The only "policy" that I agree with is to disable remote delegates (I never expect an image toolkit to perform remote queries).

-- Package-specific info:
ImageMagick program version
---------------------------
animate: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
compare: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
convert: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
composite: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
conjure: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
display: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
identify: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
import: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
mogrify: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
montage: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org
stream: ImageMagick 6.9.7-4 Q16 x86_64 20170114 http://www.imagemagick.org

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (900, 'unstable'), (800, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- Configuration Files:
/etc/ImageMagick-6/policy.xml changed [not included]
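
The following is an added example, not part of the bug report and not Debian's or ImageMagick's code: a small audit of a policy.xml that lists the resource limits and shows which command-line arguments a domain="path" rule such as the "@*" one quoted above would refuse. The sample policy is constructed (only the path rule comes from the report), `fnmatch` stands in for ImageMagick's own glob matcher, and "last matching rule decides" is an assumption of this model.

```python
import fnmatch
import xml.etree.ElementTree as ET

# Constructed sample policy, not the Debian file. Only the path rule is quoted
# from the report; the resource names and values are made up for illustration.
SAMPLE_POLICY = """<policymap>
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="resource" name="disk" value="1GiB"/>
  <policy domain="path" rights="none" pattern="@*"/>
</policymap>"""


def load_policies(xml_text):
    """Return every <policy> element as an attribute dict, in file order."""
    return [dict(p.attrib) for p in ET.fromstring(xml_text).iter("policy")]


def path_rights(policies, argument):
    """Rights string of the path rule that applies to `argument`, or None.

    Assumption: the last matching rule decides; no match means unrestricted.
    """
    rights = None
    for p in policies:
        if p.get("domain") == "path" and fnmatch.fnmatchcase(
                argument, p.get("pattern", "")):
            rights = p.get("rights", "none")
    return rights


def audit(xml_text, arguments):
    """Return (resource limits, {argument: 'allowed' | 'denied'} for reading)."""
    policies = load_policies(xml_text)
    limits = {p["name"]: p["value"] for p in policies
              if p.get("domain") == "resource" and "name" in p and "value" in p}
    verdicts = {}
    for arg in arguments:
        rights = path_rights(policies, arg)
        readable = rights is None or "read" in rights.lower()
        verdicts[arg] = "allowed" if readable else "denied"
    return limits, verdicts


if __name__ == "__main__":
    limits, verdicts = audit(SAMPLE_POLICY, ["@-", "@caption.txt", "caption.txt"])
    print("resource limits:", limits)
    for arg, verdict in verdicts.items():
        print(f"{arg!r}: {verdict}")
```

Pointing `audit()` at the contents of a real policy file shows that the "@*" pattern does not distinguish stdin ('@-') from a named file: both are matched by the same rule.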