28 lines
1.0 KiB
XML
28 lines
1.0 KiB
XML
|
<policymap>
|
||
|
<!-- Set some basic system resource limits -->
|
||
|
<policy domain="resource" name="time" value="60" />
|
||
|
|
||
|
<policy domain="module" rights="none" pattern="URL" />
|
||
|
|
||
|
<policy domain="filter" rights="none" pattern="*" />
|
||
|
|
||
|
<!--
|
||
|
Ideally, we would restrict ImageMagick to only accessing its own
|
||
|
disk-backed pixel cache as well as Mastodon-created Tempfiles.
|
||
|
|
||
|
However, those paths depend on the operating system and environment
|
||
|
variables, so they can only be known at runtime.
|
||
|
|
||
|
Furthermore, those paths are not necessarily shared across Mastodon
|
||
|
processes, so even creating a policy.xml at runtime is impractical.
|
||
|
|
||
|
For the time being, only disable indirect reads.
|
||
|
-->
|
||
|
<policy domain="path" rights="none" pattern="@*" />
|
||
|
|
||
|
<!-- Disallow any coder by default, and only enable ones required by Mastodon -->
|
||
|
<policy domain="coder" rights="none" pattern="*" />
|
||
|
<policy domain="coder" rights="read | write" pattern="{PNG,JPEG,GIF,HEIC,WEBP}" />
|
||
|
<policy domain="coder" rights="write" pattern="{HISTOGRAM,RGB,INFO}" />
|
||
|
</policymap>
|