[magick-users] ImageMagick Security / Open resulting image in
browser
Stephan Wehner
stephanwehner at gmail.com
Fri Feb 2 13:06:46 CST 2007
Running a website where people can upload images, if I run the images
through ImageMagick (actually for resizing) will malicious code be
eliminated?
Are visitors going to be safe in the case the server doesn't crash,
and they access the ImageMagick-produced gif/png/jped within their
browser?
I could imagine if ImageMagick produces a matrix of all the pixels and
produces the image file based on this matrix it would be extremely
unlikely that the result would be harmful.
I guess to keep the upload-server from being compromised one would
need to apply some other safeguards. (That's not what I am after
here.)
Thanks,
Stephan
--
Stephan Wehner
> http://stephan.sugarmotor.org
> http://stephansmap.org
> http://www.trafficlife.com
> http://www.buckmaster.ca
More information about the Magick-users
mailing list