FS#60754 - ImageMagick 7.0.8-14, default installation doesn't 'convert' to pdf
Attached to Project:
Arch Linux
Opened by atul akb (whyGi) - Friday, 09 November 2018, 10:41 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 09 November 2018, 13:29 GMT
Opened by atul akb (whyGi) - Friday, 09 November 2018, 10:41 GMT
Last edited by Doug Newgard (Scimmia) - Friday, 09 November 2018, 13:29 GMT
|
Details
Package:
======== ImageMagick 7.0.8-14 Q16 x86_64 2018-10-24 References: =========== Description: ============ 1- cmd> convert xzy.jpg xyzpdf 2- output> convert: attempt to perform an operation not allowed by the security policy `PDF' @ error/constitute.c/IsCoderAuthorized/408. (ie) the conversion fails. 3- the solutions in the two threads above both worked (ie) edit /etc/imageMagick-7/policy.xml to delete the line: <policy domain="coder" rights="none" pattern="{PS,PS2,PS3,EPS,PDF,XPS}" /> or change it from "none" to "all" Comments/ Request ================= 1- please go easy - I'm a healthworker not a programmer :: this is my first bug report - ever. Most of all I just want to 'upvote' the 2 previous threads but don't think that's possible. 2- I'm guessing that with the next Imagemagick update is going to over-write the fix. Which means that the shipped convert utility is going to get broken (for my usecase) every time it updates. 3- The same policy might affect other functions that I don't use very often?? does anyone know? 4- I infer that there's a security risk associated with giving the "coder" all rights but I don't actually understand what. I would guess that in some environments (eg running on a server?? running as an automated script?) the coder could do harm. I don't know if a person's home PC is one of those vulnerable environments but in terms of end user the risk mitigation makes the utility non-functional and breaks the previous function that I've always used it for. 5- Might I suggest an alternative approach. Could the installer be interactive and do something, anything to ask whether the 'coder' should be denied rights (to increase the security but reduce functionality) and the default option be to set the policy so that "convert" works? 6- I'm sure there's a million other ways to address this so I'm hopeful that one of my favourite "look what I can do on linux" tools is repaired. Maybe a more informative response in place of that 'operation not allowed' message?? thanks & kind regards Additional info: * package version(s) -- above * config and/or log files etc. -- above Steps to reproduce: -- above |
This task depends upon
Closed by Doug Newgard (Scimmia)
Friday, 09 November 2018, 13:29 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#60580
FS#60607
Don't do that.
Friday, 09 November 2018, 13:29 GMT
Reason for closing: Duplicate
Additional comments about closing:
Don't do that.