Attachments; Black Lists And White Lists; Configuration - Adobe 12001196 - Acrobat - Mac Manual

Application Security Guide

6 Attachments

Acrobat products provide a way for you to add, remove, open, and save file attachments. However,
attachments represent a potential security risk because they can contain malicious content, open other
dangerous files, or launch applications. Certainly file types such as .bin, .exe, .bat, and so on will be
recognized as threats by most users and are not allowed as attachments.
To mitigate the risk inherent in attachments:
• Know what the content is and from where it originated.
• Be aware of dangerous file types and how the application manages those types. Adobe applications
maintain Black lists and white lists which control application behavior.
• Prevent attachments from opening other files and launching applications. This is the default
behavior. For details about changing this behavior, see Allowing attachments to launch applications.

6.1 Black lists and white lists

The applications store a list of some of these good (white) and bad (black) file types in the registry.
Application behavior is controlled by the file type's membership in a list:
• File types on the white list: These can be attached and may be opened or saved if the file extension
is associated with the requisite program.
• File types on the black list: These can be attached, but a warning dialog appears stating that they
cannot be saved or opened from the application. No actions are available for these files.
• File types not on any list: These can be attached without a warning dialog. Trying to open or save
them invokes a dialog which allows the user to perform the action just once or to add them to the
good type (white) list or bad type (black) list.
Attachment: Dangerous type warning
You can attach file types that are on the black list because a document recipient may have a less
restrictive black list than you (the sender). While the recipient may be able to open the file, the attacker will
not be able to execute or open it from within the application. Attempting to open a prohibited file type
results in a warning that the action is not allowed.
Attachment: "Cannot open" warning

6.2 Configuration

6.2.1 UI and registry config
The default application behavior for file types in the attachment list can be modified manually as needed.
New file extensions can be added to the list, existing ones removed, and the behavior changed for file
types already in the list.
Permissions settings are as follows:
Section 6 Attachments
Section 6 Attachments
Page 45