Adobe Putting PDF Reader In a Sandbox 225
Captain Eloquence writes "The next major version of Adobe's PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks. The initial sandbox implementation will isolate all 'write' calls on Windows 7, Windows Vista, Windows XP, Windows Server 2008, and Windows Server 2003. Adobe security chief Brad Arkin believes this will mitigate the risk of exploits seeking to install malware on the user's computer or otherwise change the computer's file system or registry. In a future dot-release, the company plans to extend the sandbox to include read-only activities to protect against attackers seeking to read sensitive information from the user's computer."
Who needs it? (Score:5, Interesting)
I have only Sumatra PDF on my Windows 7 machine. I don't have a copy of Adobe's viewer on the machine at all.
Sumatra PDF is dumb, but reasonably secure. It can't do cut and paste, it doesn't do forms, and it doesn't have Javascript.
Operating System Feature (Score:4, Interesting)
Should it be an operating system feature to force all user applications to run in a sandbox by default?
software noob but... (Score:3, Interesting)
IANAMCSE but.....(I am not an MCSE :) )
Is there just no possible way to develop software that is NOT exploitable?
Re:Who needs it? (Score:4, Interesting)
You shouldn't be relying on sumatra PDF for printing at all, its printing support is terrible and the author says that it's unlikely to be fixed.
I just use evince. It even has a native Windows installer.
Re:Desperation (Score:5, Interesting)
I'm on OS X, so I use Preview (built in), and it's amazing. It looks great, and it's fast as heck. Because of this I was able to go a long time without having to use Adobe Reader.
Then I ran into a PDF at work (Windows boxes) and suddenly remember the word of pain and slowness that Reader caused. I now use FoxIt on Windows. It's not perfect (the experience of using Preview is much smoother), but it doesn't act like it owns my computer.
I recently discovered that not only do PDFs on Snow Leopard have icons that look like their first pages, but when you mouse over them two little buttons pop up and you can turn pages on the icon so you can easily see if a small PDF contains a specific chart without having to open preview or quicklook.
Some Mac blogger wrote a little while ago that if it wasn't for Preview, Mac users would have abandoned PDFs years ago as slow and bloated (the impression Reader leaves on both Mac and PC). Between Preview and the built in Print to PDF support, you forget how obnoxious PDFs can be on other platforms. MS should make a PDF reader and embed it into 7 SP2. It has to be better than Reader, and 95%+ of users don't use the fancy form-filling auto calculation Javascript magic stuff.
Re:Operating System Feature (Score:2, Interesting)
If you really want an operating system based solution, you could make a separate "acrobat" user (which doesn't have any read/write permissions), run Acrobat as this separate user and do a "sudo" whenever you want to allow acrobat to read/write to a file on the filesystem.
Giving Acrobat root permission whenever it wants to write to the disk would be rather brave.
In the real world you'd create an Apparmor or SELinux profile which only allowed it to write to a few places and that would be it. Unless you're on an antiquated OS like Windows, anyway.