#307 closed enhancement (wontfix)
Consider adding support for PDF inspection using peepdf
Reported by: | Lewis Rosenthal | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | 1.4.0 |
Component: | Backend | Version: | 1.3.6 |
Keywords: | Cc: |
Description (last modified by )
It would be useful to have the ability to scan PDFs for malicious content, with an option to scan before opening. This will become more important when we ultimately have JS support in Poppler, of course, but for now, like any other type of virus or malware scanning, it is mainly to ensure that we don't pass along bad stuff to others.
peepdf is a set of Python modules (with their own dependencies) to provide in-depth analysis of PDF documents. It would probably be advisable if peepdf and its dependencies (pyv8 and pylibemu) were added to the repo, here, and we utilize those modules. I have not thought through the implementation of this, however, so that will require some more careful planning.
Change History (4)
comment:1 by , 8 years ago
Description: | modified (diff) |
---|
comment:2 by , 8 years ago
comment:3 by , 8 years ago
Resolution: | → wontfix |
---|---|
Status: | new → closed |
LOL...
I can't fault your reasoning, my friend, but it does happen that OS/2 is often in a mixed environment, with documents going around the office. Inferior or not, we should at least do what we can to not add to the pollution.
That said, your point is well taken, as is the crux of this: if 99% of the potentially malicious code in PDFs is JS, and if Poppler does not support JS, how could we risk the OS/2 system? I submit, then, that this is something to potentially revisit if and when Poppler supports JS, and the security concern is closer at hand.
comment:4 by , 6 years ago
Milestone: | Future → 1.4.0 |
---|
Move closed tickets to completed milestone. Many of these were completed before 1.4.0
Sorry since all the contaminated pdfs will be openly available and we have no obligation to keep people using inferior platforms safe, why should we waste our very limited programing resources on something like this? I doubt we will ever have JS support in poppler.