Re: Secure PDF viewer
On Fri, 3 Apr 2015 08:24:36 + (UTC) Stuart Henderson wrote:
> I'm not sure whether the in-browser renderers are based on these or something else,

Firefox uses jspdf (javascript pdf) I think but am not sure if this is the right link https://github.com/MrRio/jsPDF

I don't trust it myself and disable it in firefox online when I do use firefox. It's pretty useful offline though for bookmarking pages in many pdfs sorted by subject.
Re: Secure PDF viewer
On Sat, Apr 4, 2015, at 01:17 PM, Landry Breuil wrote:
> On Sat, Apr 4, 2015 at 6:31 PM, Kevin Chadwick m8il1i...@gmail.com wrote:
>> On Fri, 3 Apr 2015 08:24:36 + (UTC) Stuart Henderson wrote:
>>> I'm not sure whether the in-browser renderers are based on these or something else,
>> Firefox uses jspdf (javascript pdf) I think but am not sure if this is the right link https://github.com/MrRio/jsPDF
> Why do ppl feel compelled to reply when they have no clue about a subject ? Firefox uses https://github.com/mozilla/pdf.js/ developed by mozilla itself, and it's as secure as any pdf viewer.

So what does that mean? Are you saying there are no secure pdf viewers or that I don't really need to worry about it that much?
Re: Secure PDF viewer
On Sat, Apr 4, 2015 at 6:31 PM, Kevin Chadwick m8il1i...@gmail.com wrote:
> On Fri, 3 Apr 2015 08:24:36 + (UTC) Stuart Henderson wrote:
>> I'm not sure whether the in-browser renderers are based on these or something else,
> Firefox uses jspdf (javascript pdf) I think but am not sure if this is the right link https://github.com/MrRio/jsPDF

Why do ppl feel compelled to reply when they have no clue about a subject ? Firefox uses https://github.com/mozilla/pdf.js/ developed by mozilla itself, and it's as secure as any pdf viewer.

Landry
Re: Secure PDF viewer
On Sat, 4 Apr 2015 19:17:37 +0200 Landry Breuil wrote:
> developed by mozilla itself, and it's as secure as any pdf viewer.

Well, I disagree and I am sure history will tell.
Re: Secure PDF viewer
On 2015-04-02, Eric Furman ericfur...@fastmail.net wrote:
> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use.

So outside of Adobe's software there are a couple of different codebases for rendering PDFs. xpdf-derived (including Poppler), mupdf, iText (java one, mostly used in pdf manipulation programs), ghostscript. For open-source viewers, most are based on either poppler or mupdf. I'm not sure whether the in-browser renderers are based on these or something else, and likewise I don't know what code is used by printers that have direct pdf print support.

Historically the xpdf/poppler code has shown up quite a few security-related bugs. mupdf has seen fewer but it's less widely used so may not have seen so much effort spent trying to break it.

mupdf has a library, used by its own viewer and some other pdf viewers, e.g. zathura has it as an option. (I normally use mupdf's own viewer and if I didn't I would normally try to use something using that library unless I ran into some incompatibility).

I haven't noticed any of the different viewers having any particular security-related features so within a particular library, I don't think there's a big reason to choose one viewer over another at the moment. Given the sort of data they're handling, it would be really nice if viewers had sandboxing for the parser/renderer...
Re: Secure PDF viewer
Hi,

John D. Verne wrote on Thu, Apr 02, 2015 at 09:33:25AM -0400:
> Somebody wrote:
>> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use.
> There are PDF-to-mandoc converters out there.

What?! Where, can you provide hyperlinks? A quick web search didn't turn up anything obvious for me. (I'm the mandoc(1) maintainer and would like to know if such a thing existed.)

> Assuming the conversion tool is sound,

That is unlikely. I wouldn't know how to write a PDF to mandoc converter short of losing almost all of the formatting and heuristically creating markup in doclifter(1)/pod2mdoc(1) style from scratch. Are you maybe confusing PDF-to-mandoc and mdoc/man-to-PDF converters? The latter are indeed readily available, including mandoc(1).

> I imagine OBSD mandoc is pretty secure.

Not perfect, but certainly better than typical PDF viewers. However, the OP asked for ways to *print* PDF files. Even for printing mdoc(7) or man(7) files, i would recommend converting them to PostScript or PDF with mandoc(1) and then printing that. So i don't understand how even a good PDF-to-mandoc converter (whatever that would do in detail) might help the OP at all...

Yours,
  Ingo
Re: Secure PDF viewer
On Thu, 2 Apr 2015 11:47:04 -0400 Jiri B ji...@devio.us wrote:
> On Thu, Apr 02, 2015 at 12:33:25AM -0400, Eric Furman wrote:
>> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use. Thanks.

hardly any existing software is written with security in mind, so... mitigation is the word. and since sometimes even the best coders may slip up...

> Run it chrooted under non-default (0) routing domain and you should be in 99 % fine.

and running under its own user as well.

some of these mitigation techniques and more have been discussed recently:

https://marc.info/?l=openbsd-misc&m=142703553113760&w=2
https://marc.info/?l=openbsd-misc&m=142637712203350&w=2
https://marc.info/?l=openbsd-misc&m=142676615612510&w=2

the last thread is my experiments with ssh chroot jailing. if you decide to go the chroot route, you need to read that. you would have to do some additional work (eg set up a device) to get a printer working. there is also some info on using Xephyr.

i use a jailed xpdf myself just as in the examples. and instead of routing, i use a pf rule:

block out log
pass out log quick on $intif proto tcp user { root, browse, 1000 }
pass out log quick on $intif proto udp user { root, browse, 1000 }

but you could just block the one user:

block out log quick on $intif proto tcp user pdf
block out log quick on $intif proto udp user pdf
pass out

at the very least, you want to run it under its own user, using 'ssh -X' and Xephyr.

> (I still can't figure out how to make apps in Xephyr maximalized without help of a WM.)

many programs have command line options to control some of this. eg 'xpdf -fullscreen'. although that doesn't always give me the interface i want. but 'xpdf -geometry xXy' works too. i have scripts that synchronize the Xephyr geometry and the app's.

> j.

in sum, a dedicated unprivileged user, using ssh -X and Xephyr, with a pf rule (as above), and maybe chroot. about the best you can do for any program. one of those threads is about systrace, but that might be more complicated to set up (haven't looked into it too much myself).
Re: Secure PDF viewer
Thanks for the info and I expected someone to suggest this, but I didn't really want to go all crazy. :) I wanted to know if there was a secure one so I wouldn't have to jump through all these kind of hoops. Thanks anyway.

On Thu, Apr 2, 2015, at 04:17 PM, dan mclaughlin wrote:
> On Thu, 2 Apr 2015 11:47:04 -0400 Jiri B ji...@devio.us wrote:
>> On Thu, Apr 02, 2015 at 12:33:25AM -0400, Eric Furman wrote:
>>> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use. Thanks.
>
> hardly any existing software is written with security in mind, so... mitigation is the word. and since sometimes even the best coders may slip up...
>
>> Run it chrooted under non-default (0) routing domain and you should be in 99 % fine.
>
> and running under its own user as well.
>
> some of these mitigation techniques and more have been discussed recently:
>
> https://marc.info/?l=openbsd-misc&m=142703553113760&w=2
> https://marc.info/?l=openbsd-misc&m=142637712203350&w=2
> https://marc.info/?l=openbsd-misc&m=142676615612510&w=2
>
> the last thread is my experiments with ssh chroot jailing. if you decide to go the chroot route, you need to read that. you would have to do some additional work (eg set up a device) to get a printer working. there is also some info on using Xephyr.
>
> i use a jailed xpdf myself just as in the examples. and instead of routing, i use a pf rule:
>
> block out log
> pass out log quick on $intif proto tcp user { root, browse, 1000 }
> pass out log quick on $intif proto udp user { root, browse, 1000 }
>
> but you could just block the one user:
>
> block out log quick on $intif proto tcp user pdf
> block out log quick on $intif proto udp user pdf
> pass out
>
> at the very least, you want to run it under its own user, using 'ssh -X' and Xephyr.
>
>> (I still can't figure out how to make apps in Xephyr maximalized without help of a WM.)
>
> many programs have command line options to control some of this. eg 'xpdf -fullscreen'. although that doesn't always give me the interface i want. but 'xpdf -geometry xXy' works too. i have scripts that synchronize the Xephyr geometry and the app's.
>
>> j.
>
> in sum, a dedicated unprivileged user, using ssh -X and Xephyr, with a pf rule (as above), and maybe chroot. about the best you can do for any program. one of those threads is about systrace, but that might be more complicated to set up (haven't looked into it too much myself).
Re: Secure PDF viewer
On Thu, 02 Apr 2015 23:11:57 -0400 Eric Furman ericfur...@fastmail.net wrote:
> Thanks for the info and I expected someone to suggest this, but I didn't really want to go all crazy. :) I wanted to know if there was a secure one so I wouldn't have to jump through all these kind of hoops. Thanks anyway.

doing the whole thing may be extreme, but you needn't go that far. a good tradeoff between convenience and security here may be: a separate user, that you login to using 'ssh -X', and deny access via pf. that way they are unprivileged, there is a filter between that user and X (ssh -X) and just in case, deny net access to prevent leaking or communicating and downloading more sophisticated code.

shouldn't take more than a minute to set that up, and then just a single command line to use.
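The lighter setup described in the message above (separate user, 'ssh -X', pf block), written out as an added example that is not part of the thread. It assumes OpenBSD, the account name pdf used in the thread's rules, the egress interface group in place of the thread's $intif macro, X11Forwarding enabled in the local sshd_config and xpdf installed; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. OpenBSD; run "setup" as root once.
# Assumptions: account name "pdf" (as in the thread's pf rules), the
# "egress" interface group instead of the thread's $intif macro,
# X11Forwarding enabled in the local sshd_config, and xpdf installed.
VIEW_USER="${VIEW_USER:-pdf}"
PF_IF="${PF_IF:-egress}"
PF_CONF="${PF_CONF:-/etc/pf.conf}"

# Print pf rules denying outbound TCP and UDP from sockets owned by user $1
# on interface $2 (pf's "user" match only applies to TCP and UDP).
pf_rules_for_user() {
    for proto in tcp udp; do
        printf 'block out log quick on %s proto %s user %s\n' "$2" "$proto" "$1"
    done
}

# One-time setup: dedicated unprivileged account plus the pf block.
# The rules are appended, so an earlier "pass out quick" matching the same
# traffic would still win; review the rule order after loading.
# The new account has no password: install your public key in its
# ~/.ssh/authorized_keys before using view().
setup() {
    useradd -m "$VIEW_USER"
    pf_rules_for_user "$VIEW_USER" "$PF_IF" >> "$PF_CONF"
    pfctl -nf "$PF_CONF" && pfctl -f "$PF_CONF"   # parse-check, then load
}

# Copy document $1 into the viewer account over ssh and open it there.
# -X requests untrusted X11 forwarding, the filter between that user and X.
view() {
    ssh -X "$VIEW_USER@localhost" \
        'f=$(mktemp) && cat > "$f" && xpdf "$f"; rm -f "$f"' < "$1"
}

case "${1:-}" in
    setup) setup ;;
    view)  view "$2" ;;
esac
```

Saved under a name of your choice, it is run once with the argument setup as root, then with view and a file name for each document.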
Re: Secure PDF viewer
On Thu, Apr 02, 2015 at 12:33:25AM -0400, Eric Furman wrote:
> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use. Thanks.

Run it chrooted under non-default (0) routing domain and you should be in 99 % fine.

(I still can't figure out how to make apps in Xephyr maximalized without help of a WM.)

j.
Re: Secure PDF viewer
> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use. Thanks.

There are PDF-to-mandoc converters out there. Assuming the conversion tool is sound, I imagine OBSD mandoc is pretty secure.

--
John D. Verne j...@clevermonkey.org
Re: Secure PDF viewer
Hi,

Eric Furman wrote:
> I sometimes have to deal with PDF files (ugh) and all I need is the ability to view and print them, nothing fancy. With security in mind I would like to get opinions on the best one to use. Thanks.

I use GSPdf, which just calls ghostscript, you could use ghostscript itself. I think it is safer than xpdf/poppler. But that may be a false conviction, I have no hard data.

Riccardo