16 lines
876 B
Diff
16 lines
876 B
Diff
--- a/config/policy-secure.xml
|
|
+++ b/config/policy-secure.xml
|
|
@@ -92,8 +92,10 @@
|
|
<policy domain="path" rights="none" pattern="/etc/*"/>
|
|
<!-- Indirect reads are not permitted. -->
|
|
<policy domain="path" rights="none" pattern="@*"/>
|
|
+ <!-- These image types can expose risks on read and write -->
|
|
+ <policy domain="module" rights="none" pattern="{EPHEMERAL,URL,HTTPS,MVG,MSL,TEXT,SHOW,WIN,PLT}"/>
|
|
<!-- These image types are security risks on read, but write is fine -->
|
|
- <policy domain="module" rights="write" pattern="{MSL,MVG,PS,SVG,URL,XPS}"/>
|
|
+ <policy domain="module" rights="write" pattern="{MSL,MVG,PS,SVG,URL,XPS,PDF,EPI,EPS,PCL,PS1,PS2,PS3}"/>
|
|
<!-- This policy sets the number of times to replace content of certain
|
|
memory buffers and temporary files before they are freed or deleted. -->
|
|
<policy domain="system" name="shred" value="1"/>
|
|
|