summaryrefslogtreecommitdiff
path: root/media-gfx/imagemagick/files
diff options
context:
space:
mode:
Diffstat (limited to 'media-gfx/imagemagick/files')
-rw-r--r--media-gfx/imagemagick/files/policy-hardening.snippet9
-rw-r--r--media-gfx/imagemagick/files/policy.test.xml17
2 files changed, 26 insertions, 0 deletions
diff --git a/media-gfx/imagemagick/files/policy-hardening.snippet b/media-gfx/imagemagick/files/policy-hardening.snippet
new file mode 100644
index 0000000..c1a91b0
--- /dev/null
+++ b/media-gfx/imagemagick/files/policy-hardening.snippet
@@ -0,0 +1,9 @@
+<policymap>
+ <!-- https://www.kb.cert.org/vuls/id/332928 mitigation / https://bugs.gentoo.org/664236 -->
+ <policy domain="coder" rights="none" pattern="PS" />
+ <policy domain="coder" rights="none" pattern="PS2" />
+ <policy domain="coder" rights="none" pattern="PS3" />
+ <policy domain="coder" rights="none" pattern="EPS" />
+ <policy domain="coder" rights="none" pattern="PDF" />
+ <policy domain="coder" rights="none" pattern="XPS" />
+
diff --git a/media-gfx/imagemagick/files/policy.test.xml b/media-gfx/imagemagick/files/policy.test.xml
new file mode 100644
index 0000000..6db44b7
--- /dev/null
+++ b/media-gfx/imagemagick/files/policy.test.xml
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+ <!ELEMENT policymap (policy)+>
+ <!ATTLIST policymap xmlns CDATA #FIXED ''>
+ <!ELEMENT policy EMPTY>
+ <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
+ name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
+ stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
+]>
+<policymap>
+ <!-- Policy used for test suite only to allow passing test suite
+ in case user has installed a restriction which would prevent
+ the execution of some tests -->
+ <policy domain="delegate" rights="read|write" pattern="*" />
+ <policy domain="filter" rights="read|write" pattern="*" />
+ <policy domain="coder" rights="read|write" pattern="*" />
+</policymap>
generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-22 13:19:26 +0000