Ghostscript / ImageMagick / GraphicsMagick vulnerability mitigation?

unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed

From: Leo Famulari <leo@famulari.name>
To: guix-devel@gnu.org
Subject: Ghostscript / ImageMagick / GraphicsMagick vulnerability mitigation?
Date: Thu, 23 Aug 2018 17:04:45 -0400	[thread overview]
Message-ID: <20180823210445.GA11845@jasmine.lan> (raw)

[-- Attachment #1: Type: text/plain, Size: 1099 bytes --]

For the last couple years, people have been finding exploitable bugs in
the image processing system based on Ghostscript and ImageMagick /
GraphicsMagick:

http://seclists.org/oss-sec/2018/q3/142
http://seclists.org/oss-sec/2016/q4/29

Despite these issues, these programs are still the best way to achieve
some common image processing goals, so we have to think about how to
make them safer.

The primary recommendation seems to be setting a restrictive security
policy in ImageMagick's policy.xml file, as described in the discussions
linked above.

Currently, Guix doesn't "set up" ImageMagick at all upon installation,
which is different from some other systems like Debian and Fedora and
their cousins, where the vulnerabilities are more dire [0]. Our
ImageMagick package includes the default, unrestricted policy.xml.

But, I'm wondering if anyone is using these tools in production from
Guix and, if so, how they do it, and if they would like us to ship a
non-default, more restrictive policy.xml in our package. And if so,
could they write the policy.xml? :)

[0] https://bugs.gnu.org/32515

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next             reply	other threads:[~2018-08-23 21:04 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-08-23 21:04 Leo Famulari [this message]
2018-08-24 13:04 ` Ghostscript / ImageMagick / GraphicsMagick vulnerability mitigation? Ludovic Courtès
2018-08-24 19:10   ` Leo Famulari
2018-08-25 14:52     ` Ludovic Courtès

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180823210445.GA11845@jasmine.lan \
    --to=leo@famulari.name \
    --cc=guix-devel@gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).