| 1 | <?xml version="1.0" encoding="UTF-8"?> |
---|
| 2 | <!DOCTYPE policymap [ |
---|
| 3 | <!ELEMENT policymap (policy)+> |
---|
| 4 | <!ELEMENT policy (#PCDATA)> |
---|
| 5 | <!ATTLIST policy domain (delegate|coder|filter|path|resource) #IMPLIED> |
---|
| 6 | <!ATTLIST policy name CDATA #IMPLIED> |
---|
| 7 | <!ATTLIST policy rights CDATA #IMPLIED> |
---|
| 8 | <!ATTLIST policy pattern CDATA #IMPLIED> |
---|
| 9 | <!ATTLIST policy value CDATA #IMPLIED> |
---|
| 10 | ]> |
---|
| 11 | <!-- |
---|
| 12 | Configure ImageMagick policies. |
---|
| 13 | |
---|
| 14 | Domains include system, delegate, coder, filter, path, or resource. |
---|
| 15 | |
---|
| 16 | Rights include none, read, write, and execute. Use | to combine them, |
---|
| 17 | for example: "read | write" to permit read from, or write to, a path. |
---|
| 18 | |
---|
| 19 | Use a glob expression as a pattern. |
---|
| 20 | |
---|
| 21 | Suppose we do not want users to process MPEG video images: |
---|
| 22 | |
---|
| 23 | <policy domain="delegate" rights="none" pattern="mpeg:decode" /> |
---|
| 24 | |
---|
| 25 | Here we do not want users reading images from HTTP: |
---|
| 26 | |
---|
| 27 | <policy domain="coder" rights="none" pattern="HTTP" /> |
---|
| 28 | |
---|
| 29 | Lets prevent users from executing any image filters: |
---|
| 30 | |
---|
| 31 | <policy domain="filter" rights="none" pattern="*" /> |
---|
| 32 | |
---|
| 33 | The /repository file system is restricted to read only. We use a glob |
---|
| 34 | expression to match all paths that start with /repository: |
---|
| 35 | |
---|
| 36 | <policy domain="path" rights="read" pattern="/repository/*" /> |
---|
| 37 | |
---|
| 38 | Any large image is cached to disk rather than memory: |
---|
| 39 | |
---|
| 40 | <policy domain="resource" name="area" value="1GB"/> |
---|
| 41 | |
---|
| 42 | Define arguments for the memory, map, area, and disk resources with |
---|
| 43 | SI prefixes (.e.g 100MB). In addition, resource policies are maximums for |
---|
| 44 | each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB |
---|
| 45 | exceeds policy maximum so memory limit is 1GB). |
---|
| 46 | --> |
---|
| 47 | <policymap> |
---|
| 48 | <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> --> |
---|
| 49 | <!-- <policy domain="resource" name="memory" value="2GiB"/> --> |
---|
| 50 | <!-- <policy domain="resource" name="map" value="4GiB"/> --> |
---|
| 51 | <!-- <policy domain="resource" name="area" value="1GB"/> --> |
---|
| 52 | <!-- <policy domain="resource" name="disk" value="16EB"/> --> |
---|
| 53 | <!-- <policy domain="resource" name="file" value="768"/> --> |
---|
| 54 | <!-- <policy domain="resource" name="thread" value="4"/> --> |
---|
| 55 | <!-- <policy domain="resource" name="throttle" value="0"/> --> |
---|
| 56 | <!-- <policy domain="resource" name="time" value="3600"/> --> |
---|
| 57 | <!-- <policy domain="system" name="precision" value="6"/> --> |
---|
| 58 | <policy domain="cache" name="shared-secret" value="passphrase"/> |
---|
| 59 | <policy domain="coder" rights="none" pattern="EPHEMERAL" /> |
---|
| 60 | <policy domain="coder" rights="none" pattern="URL" /> |
---|
| 61 | <policy domain="coder" rights="none" pattern="HTTPS" /> |
---|
| 62 | <policy domain="coder" rights="none" pattern="MVG" /> |
---|
| 63 | <policy domain="coder" rights="none" pattern="MSL" /> |
---|
| 64 | </policymap> |
---|