Add imagemagick policy to object store dev image

This commit is contained in:
Aode (lion) 2021-11-16 09:45:43 -06:00
parent 0d153ca239
commit ec434cd06e
2 changed files with 21 additions and 0 deletions

View file

@ -15,6 +15,8 @@ RUN \
-g $GID \
app
COPY root/ /
COPY ./pict-rs.toml /etc/pict-rs.toml
ENV PATH=$PATH:/usr/bin/vendor_perl

View file

@ -0,0 +1,19 @@
<policymap>
<policy domain="resource" name="memory" value="256MiB" />
<policy domain="resource" name="list-length" value="128" />
<policy domain="resource" name="width" value="10KP" />
<policy domain="resource" name="height" value="10KP" />
<policy domain="resource" name="map" value="512MiB" />
<policy domain="resource" name="area" value="40MP" />
<policy domain="resource" name="disk" value="1GiB" />
<policy domain="resource" name="file" value="768" />
<policy domain="resource" name="thread" value="2" />
<policy domain="coder" rights="none" pattern="*" />
<policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP,MP4,TMP,PAM}" />
<policy domain="filter" rights="none" pattern="*" />
<policy domain="path" rights="none" pattern="@*" />
<policy domain="module" rights="none" pattern="*" />
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP,MP4,TMP,PAM}" />
<!-- indirect reads not permitted -->
<policy domain="system" name="precision" value="6" />
</policymap>