From c9b3847a6901cd8ea42e8545b26a435393580b46 Mon Sep 17 00:00:00 2001 From: Lovell Fuller Date: Sat, 7 May 2016 19:48:06 +0100 Subject: [PATCH] Docs: basic security considerations for installation #424 --- docs/install.md | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/docs/install.md b/docs/install.md index 73478480..20de7e8b 100644 --- a/docs/install.md +++ b/docs/install.md @@ -157,3 +157,38 @@ You can now download your deployment ZIP using `scp` and upload it to Lambda. Be * [gulp-responsive](https://www.npmjs.com/package/gulp-responsive) * [grunt-sharp](https://www.npmjs.com/package/grunt-sharp) + +### Security + +Many users of this module process untrusted, user-supplied images, +but there are aspects of security to consider when doing so. + +It is possible to compile libvips with support for various third-party image loaders. +Each of these libraries has undergone differing levels of security testing. + +Whilst tools such as [American Fuzzy Lop](http://lcamtuf.coredump.cx/afl/) +and [Valgrind](http://valgrind.org/) have been used to test +the most popular web-based formats, as well as libvips itself, +you are advised to perform your own testing and sandboxing. + +ImageMagick in particular has a relatively large attack surface, +which can be partially mitigated with a +[policy.xml](http://www.imagemagick.org/script/resources.php) +configuration file to prevent the use of coders known to be vulnerable. + +```xml + + + + + + + + + + + +``` + +Set the `MAGICK_CONFIGURE_PATH` environment variable +to the directory containing the `policy.xml` file.