Re: Using Imagemagick (Ghostscript) on cflinuxfs3 #cf


Mike Youngstrom
 

We ran into the same problem and had to do a custom build of imagemagick and distribute it with the application.  Later versions of cflinuxfs2 have the same security fix.  If anyone can come up with a better solution I'd like to hear it.

Mike

On Wed, Jan 30, 2019 at 7:12 AM Markus Tanner <markus.tanner@...> wrote:
Thanks for your suggestion.
I've tried something similar already.

Unfortunately overrides only work if they are more restrictive.

The default config looks like this:
  <policy domain="coder" rights="none" pattern="PS" />
  <policy domain="coder" rights="none" pattern="PDF" />

I would need to change it to this:
  <policy domain="coder" rights="read|write" pattern="PS" />
  <policy domain="coder" rights="read|write" pattern="PDF" />

But changing the policy only works other way round, from read|write to none.
So putting the policy in ~/.magick/ unfortunately has no effect.

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.