Add PlantUML Security Profile by Default #51
Comments
|
Cross-referencing #50 |
|
Addition: It may also need to access the Graphviz/Dot engine binary. |
|
@LaurentRDC Could you maybe provide an example of the complete command that |
|
Hi there, The complete command which is run is equivalent to the following shell command: $executable $cmdargs -t$format -output "$outputPath" "$inputPath"With the default configuration, the command might look like: javaj -jar plantuml.jar -tpng -output "out.png" "diagram.uml"Would it be a good starting point to modify the configuration to match the command you want? Ultimately, we could also have the configuration contain the command template string, so that users can customize the command. However, I don't have time these days to look at this |
|
Would putting input and output files on |
It would be very good to run PlantUML in a mode with minimal access privileges, in order to contain any potential security issues.
Luckily, PlantUML provides readily available means for this, as documented here.
Basically, it should be sufficient for PlantUML to have access to the input file to convert and the path to which it should write the result of the conversion.
This can be achieved as follows:
The list of paths need to be combined using the
;(on Windows) or:(Linux/OSX) separator, like soI assume that the JRE needs access to only
.jarfile,plots/).I have not yet tested this on my machine, and the details may need to be fine-tuned, but my main point is that it should be made the default behavior. Otherwise, any vulnerability in PlantUML puts the entire Pandoc machine at risk.
The text was updated successfully, but these errors were encountered: