External Content And Document Security; Enhanced Security - Adobe 22002484 Manual

Security guide

Hide thumbs Also See for 22002484:

Using manual (380 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

page of 149

/ 149
Contents
Table of Contents
Bookmarks

Table of Contents

External Content and Document Security

Document access to internal and external content such as the Internet, attachments, and embedded

multimedia represents a security risk. Users should configure their application so that it operates at an

acceptable risk level. In enterprise settings, administrators should either preconfigure client installations or

distribute instructions for setting up the application correctly.

For details about application settings that control how documents interact with elements outside of the

document, see the following:

"Enhanced Security" on page 95



"Controlling Multimedia" on page 98



"Setting JavaScript Options" on page 101



"Working with Attachments" on page 103



"Controlling Access to Referenced Files and XObjects" on page 109



"Internet URL Access" on page 109



8.1 Enhanced Security

Like all other file formats, a PDF or an FDF file could contain a malicious script or perform some action that

can damage a computer or steal data when it is run. Enhanced Security enables control of potentially risky

behavior by allowing users to turn on enhanced security and either prevent dangerous actions altogether

or else only permit them based on whether they reside in a privileged location. These behaviors include:

silent printing; cross-domain access, external stream access, and internet access; and script and data

injection. . For example, if a PDF has an embedded script, but it is from your company, it downloads.

Acrobat and Reader provide two ways to block potentially unsafe PDFs:

A system administrator can add Internet domain names to the crossdomain.xml file on the server. Only



files from locations listed in the crossdomain.xml file can be downloaded to individual computers.

Individuals can identify specific files, folders, or URLs (hosts) as privileged locations in the Enhanced



Security dialog box. A file that resides in a privileged location is then trusted. Any actions, such as

loading data from the Internet or running a script are allowed. For example, Enhanced Security blocks

FDFs from a loading data from unknown websites. If you add the FDF to your list of privileged locations,

Acrobat allows the data to be loaded.

At a high level, Enhanced Security includes the following:

Preventing silent printing; cross-domain access, external stream access, and internet access; and script



and data injection.

Allowing dangerous behavior for only the specified privileged locations. These locations can be a file,



directory, or host server.

FDF behavior is fundamentally altered when this feature is on. For details, see Distributing and



Migrating Security Settings.

Table of Contents

This manual is also suitable for:

Acrobat 9.0 Reader 9.0

External Content And Document Security; Enhanced Security - Adobe 22002484 Manual

External Content and Document Security

8.1 Enhanced Security

Related Manuals for Adobe 22002484

Related Content for Adobe 22002484

This manual is also suitable for:

Table of Contents