Skip to content

Commit

Permalink
improve policy description
Browse files Browse the repository at this point in the history
  • Loading branch information
Cristy committed Aug 27, 2023
1 parent b0664d5 commit 06e3ecf
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 5 deletions.
2 changes: 1 addition & 1 deletion config/limited-policy.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@
<!-- Ensure all image data is fully flushed and synchronized to disk. -->
<!-- <policy domain="cache" name="synchronize" value="true"/> -->
<!-- Replace passphrase for secure distributed processing -->
<!-- <policy domain="cache" name="shared-secret" value="my-secret-passphrase" stealth="true"/> -->
<!-- <policy domain="cache" name="shared-secret" value="secret-passphrase" stealth="true"/> -->
<!-- Do not permit any delegates to execute. -->
<!-- <policy domain="delegate" rights="none" pattern="*"/> -->
<!-- Do not permit any image filters to load. -->
Expand Down
2 changes: 1 addition & 1 deletion config/open-policy.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@
<!-- Ensure all image data is fully flushed and synchronized to disk. -->
<!-- <policy domain="cache" name="synchronize" value="true"/> -->
<!-- Replace passphrase for secure distributed processing -->
<!-- <policy domain="cache" name="shared-secret" value="my-secret-passphrase" stealth="true"/> -->
<!-- <policy domain="cache" name="shared-secret" value="secret-passphrase" stealth="true"/> -->
<!-- Do not permit any delegates to execute. -->
<!-- <policy domain="delegate" rights="none" pattern="*"/> -->
<!-- Do not permit any image filters to load. -->
Expand Down
2 changes: 1 addition & 1 deletion config/secure-policy.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@
<!-- Ensure all image data is fully flushed and synchronized to disk. -->
<policy domain="cache" name="synchronize" value="true"/>
<!-- Replace passphrase for secure distributed processing -->
<!-- <policy domain="cache" name="shared-secret" value="my-secret-passphrase" stealth="true"/> -->
<!-- <policy domain="cache" name="shared-secret" value="secret-passphrase" stealth="true"/> -->
<!-- Do not permit any delegates to execute. -->
<policy domain="delegate" rights="none" pattern="*"/>
<!-- Do not permit any image filters to load. -->
Expand Down
5 changes: 3 additions & 2 deletions config/websafe-policy.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@
<!-- Ensure all image data is fully flushed and synchronized to disk. -->
<policy domain="cache" name="synchronize" value="true"/>
<!-- Replace passphrase for secure distributed processing -->
<!-- <policy domain="cache" name="shared-secret" value="my-secret-passphrase" stealth="true"/> -->
<!-- <policy domain="cache" name="shared-secret" value="secret-passphrase" stealth="true"/> -->
<!-- Do not permit any delegates to execute. -->
<policy domain="delegate" rights="none" pattern="*"/>
<!-- Do not permit any image filters to load. -->
Expand All @@ -88,7 +88,8 @@
<policy domain="path" rights="none" pattern="/etc/*"/>
<!-- Indirect reads are not permitted. -->
<policy domain="path" rights="none" pattern="@*"/>
<!-- Only allow reading or writing web-safe image formats. -->
<!-- Deny all image modules and specifically exempt reading or writing
web-safe image formats. -->
<policy domain="module" rights="none" pattern="*" />
<policy domain="module" rights="read | write" pattern="{GIF,JPEG,PNG,WEBP}" />
<!-- This policy sets the number of times to replace content of certain
Expand Down

0 comments on commit 06e3ecf

Please sign in to comment.