blob: de11fccec7ee2aa8fbbee31d8f9e7ed5c5534711 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
--- ./config/policy.xml.orig 2012-03-02 19:18:13.000000000 -0600
+++ ./config/policy.xml 2016-05-10 15:59:23.651232588 -0500
@@ -45,6 +45,16 @@
exceeds policy maximum so memory limit is 1GB).
-->
<policymap>
+ <!-- SECURITY: disable potentially insecure coders: -->
+ <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+ <policy domain="coder" rights="none" pattern="HTTPS" />
+ <policy domain="coder" rights="none" pattern="MVG" />
+ <policy domain="coder" rights="none" pattern="MSL" />
+ <policy domain="coder" rights="none" pattern="TEXT" />
+ <policy domain="coder" rights="none" pattern="SHOW" />
+ <policy domain="coder" rights="none" pattern="WIN" />
+ <policy domain="coder" rights="none" pattern="PLT" />
+ <!-- Some examples: -->
<!-- <policy domain="system" name="precision" value="6"/> -->
<!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
<!-- <policy domain="resource" name="memory" value="2GiB"/> -->
|