Anthony,

Thanks for your response. Maybe I wasn't entirely clear in my original e-mail.

The script will provide the input and output filenames; those are not controlled by the user. What I am concerned about is the possibility that the user would maliciously use additional arguments (such as -write) in the command line.

It's not possible to "check all input from the user", as you suggest, because the specific options supported by ImageMagick, and their arguments, change over time. I can't control what version of ImageMagick is running, thus the question: how to know what is a "safe" command line and what is not? Or alternatively, how to make a command line safe?

Shell characters are not an issue because no user input is ever passed to the shell, and ImageMagick does not have the capacity to execute other programs.

Cheers,

--Ian

On Sunday 22 June 2008 23:27:58 Anthony Thyssen wrote:
> Ian Turner on wrote...
>
> | Hello list,
> |
> | Is there a safe way to execute a user-provided convert commandline
> | without compromising system security? With the naive approach, a
> | malicious user could submit a command that identifies the existence of a
> | file (with e.g. -mask or image stacks) or overwrite a file (with e.g.
> | -write).
>
> You would control the request, and check all input from the user.
>
> That is, numbers are numbers, and identifiers do not refer directly
> to a file, but are an identifier into a database of images that the user
> is dealing with.
>
> There should be no need for a web user to specifically specify a
> filename directly. That is asking for trouble.
>
> Also do not allow special characters like / ; quotes etc etc etc.
> Best to restrict them to an alphanumeric session identifier, rather than
> actual filenames.
>
> This is all standard Web Programming security practices, and nothing to
> do with IM itself.
>
> Anthony Thyssen ( System Programmer ) <[EMAIL PROTECTED]>
>
> -----------------------------------------------------------------------------
>   Zatheris is, used to being beast of burden to other people's needs. Very
>   sad life. Probably a very sad death. At least there is symmetry!
>                                -- Zatheris, Babylon 5, ``War Without End''
> -----------------------------------------------------------------------------
>   Anthony's Home is his Castle http://www.cit.gu.edu.au/~anthony/
>
> _______________________________________________
> Magick-users mailing list
> [email protected]
> http://studio.imagemagick.org/mailman/listinfo/magick-users
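An added example (not code from this thread or from ImageMagick) of the allowlist approach Anthony describes, applied to Ian's setup: the script owns the input and output filenames and builds an argv list to hand to the process without a shell, and user-supplied option tokens are accepted only if they appear on a per-option allowlist with a typed argument pattern, so file-referencing options such as -write or -mask, bare filenames, "@file" references and image-stack syntax are refused no matter which ImageMagick version is installed. The option set and argument patterns are assumptions for the example and are what the deployer would maintain.

```python
import re
import shlex

# Allowlist of convert options the form may pass, each with a regex that its
# single argument must fully match (None = takes no argument). The option set
# and patterns are assumptions for this example; anything not listed
# (-write, -mask, bare filenames, "@file" references, image stacks) is refused.
SAFE_OPTIONS = {
    "-resize": re.compile(r"\d{1,5}(x\d{1,5})?[%!<>^]?"),
    "-rotate": re.compile(r"-?\d{1,3}(\.\d+)?"),
    "-quality": re.compile(r"\d{1,3}"),
    "-blur": re.compile(r"\d{1,3}(\.\d+)?(x\d{1,3}(\.\d+)?)?"),
    "-flip": None,
    "-flop": None,
}

class UnsafeArgument(ValueError):
    """Raised when the user-supplied option string leaves the allowlist."""

def build_convert_argv(user_cmdline, in_path, out_path, convert="convert"):
    """argv for convert; in_path/out_path come from the script, not the user."""
    tokens = shlex.split(user_cmdline)   # tokenise only; no shell is involved
    argv = [convert, in_path]
    i = 0
    while i < len(tokens):
        opt = tokens[i]
        if opt not in SAFE_OPTIONS:      # unknown option, or a filename
            raise UnsafeArgument(f"option not allowed: {opt!r}")
        pattern = SAFE_OPTIONS[opt]
        if pattern is None:              # flag-style option, no argument
            argv.append(opt)
            i += 1
            continue
        if i + 1 >= len(tokens):
            raise UnsafeArgument(f"{opt} needs an argument")
        value = tokens[i + 1]
        if not pattern.fullmatch(value): # argument must be a plain value
            raise UnsafeArgument(f"bad value for {opt}: {value!r}")
        argv += [opt, value]
        i += 2
    argv.append(out_path)
    return argv

def is_safe_cmdline(user_cmdline):
    """True if build_convert_argv would accept the option string."""
    try:
        build_convert_argv(user_cmdline, "in.png", "out.png")
    except ValueError:                   # UnsafeArgument or a shlex error
        return False
    return True
```

The returned list is meant for subprocess.run(argv) with no shell=True, so quoting characters are inert as Ian notes, and the allowlist does the remaining work of keeping file-referencing options out.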
