217
USING ACROBAT X PRO
Security
Last updated 10/11/2011
4 Choose from the following options:
• To allow access to all URLs, select Allow PDF Files To Access All Web Sites.
• To restrict access to all URLs, select Block PDF Files’ Access To All Web Sites.
• To restrict access to only the URLs you specify, select Custom Setting.
• To add a website, type its URL in the Host Name text box and click Allow or Block.
• To remove a URL you no longer want to visit, select the website in the list and click Delete.
• To specify what the program should do with websites not in your custom list, select one of these options: Always
Ask, Allow Access, Block Access.
For more information, see the Application Security Guide at www.adobe.com/go/learn_acr_appsecurity_en.
Note: If you open a protected PDF and receive a prompt to allow or block a URL, select Remember My Action For This
Site. This reply adds the URL to this list.
Attachments
Attachments represent a potential security risk because they can contain malicious content, open other dangerous
files, or launch applications. Acrobat and Reader always let you open and save PDF and FDF file attachments. Acrobat
and Reader recognize certain files, such as those whose names end in .bin, .exe, and .bat, as threats. You can’t attach
such files. Acrobat does allow you to attach files that cannot be saved or opened from Acrobat, such as ZIP files.
However, this practice is not recommended.
Acrobat and Reader maintain a white list of file types that can be opened or saved, and a black list of file types that
cannot. You are allowed to attach file types that are not on either list. However, when you open or save a file of an
“unrecognized” type, you see a dialog box asking whether you trust the file type.
For details, see the Application Security Guide at www.adobe.com/go/learn_acr_appsecurity_en.
Manually add a file type to a black or white list
Administrators can modify the black or white list through the registry. Users can manually add a new file type to a
black or white list by attaching the file and then trying to open it.
1 Choose Tools > Content > Attach A File.
2 Add a file type that is not in the black or white list.
3 Right-click the file in the Attachments pane on the left and choose Open Attachment.
4 In the Launch Attachment dialog box, select one of the following options, and then click OK:
Open This File:
Opens the file without changing the registry list.
Always Allow Opening Files Of This Type:
Adds the file type to the white list and prevents future warnings.
Never Allow Opening Files Of This Type:
Adds the file type to the black list and does not open it. You can possibly
attach a file of this type to a PDF, but you can’t open it.
Note: To restrict a file type that you permitted in the past, reset (restore) attachment permissions in the Trust Manager
Preferences.
Reset (restore) attachment permissions
Because the list of allowed and disallowed file attachment types can grow over time, you can reset the lists to their
original state. This state can sometimes provide the highest level of security.
1 Choose Edit > Preferences (Windows) or Acrobat/Adobe Reader > Preferences (Mac OS).
2 From the Categories on the left, select Trust Manager.
3 In the PDF Attachments panel, click Restore. The Restore button is available only if you changed the attachment
defaults.
Allow attachments to start applications
The Trust Manager lets you control whether non-PDF attachments can start their associated applications.
1 In the Preferences dialog box, select Trust Manager from the Categories on the left.
2 Select the option Allow Opening Of Non-PDF File Attachments With External Applications. You must have the
external applications to open the files.
Cross-domain access
Enhanced security prevents a PDF in one host domain from communicating with another domain. This action
prevents a PDF from getting malicious data from an untrusted source. When a PDF attempts cross-domain access,
Acrobat and Reader automatically attempt to load a policy file from that domain. If the domain of the document that
is attempting to access the data is included in the policy file, then the data is automatically accessible.
For more details, see the Application Security Guide at www.adobe.com/go/learn_acr_appsecurity_en.
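The policy check described above can be sketched as follows. This is an added example, not Adobe's code: it assumes the policy file uses the Adobe cross-domain policy XML format (allow-access-from entries inside a cross-domain-policy element), which this page does not spell out, and the wildcard matching rules, function names and sample hosts are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the policy a data server might publish for its own domain.
SAMPLE_POLICY = """<cross-domain-policy>
  <allow-access-from domain="forms.example.org"/>
  <allow-access-from domain="*.partner.example"/>
</cross-domain-policy>"""


def allowed_patterns(policy_xml):
    """Return the lower-cased domain patterns from allow-access-from entries."""
    root = ET.fromstring(policy_xml)
    if root.tag != "cross-domain-policy":
        raise ValueError("not a cross-domain policy file")
    return [e.get("domain").strip().lower()
            for e in root.iter("allow-access-from") if e.get("domain")]


def pattern_matches(pattern, host):
    """Assumed matching rules: exact host, "*" for any host, or "*.suffix"
    for subdomains of suffix (the bare suffix itself is not matched here)."""
    host = host.strip().lower().rstrip(".")
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])
    return host == pattern


def document_may_access(policy_xml, document_host):
    """True if the domain that served the PDF is listed in the policy.
    A missing, malformed or unrelated response means no access (fail closed)."""
    try:
        patterns = allowed_patterns(policy_xml)
    except (ET.ParseError, ValueError):
        return False
    return any(pattern_matches(p, document_host) for p in patterns)


def wildcard_entries(policy_xml):
    """Entries worth a reviewer's attention: each grants access to a whole
    family of document domains rather than one named host."""
    return [p for p in allowed_patterns(policy_xml) if "*" in p]


if __name__ == "__main__":
    for host in ("forms.example.org", "a.partner.example", "evil-partner.example"):
        print(host, document_may_access(SAMPLE_POLICY, host))
    print("wildcards:", wildcard_entries(SAMPLE_POLICY))
```

An administrator publishing such a policy should list named hosts where possible, because every wildcard entry widens the set of documents that can read data from the server.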
JavaScript
Acrobat and Reader let you adjust application behavior so that JavaScript executes within your desired level of security.
This helps restrict application access to JavaScript APIs and isolates workflows that do not require JavaScript APIs.
1 Choose Edit > Preferences (Windows) or Acrobat/Adobe Reader > Preferences (Mac OS).
2 From the Categories on the left, select JavaScript.
3 In the JavaScript Security panel, set options to manage JavaScript as needed.
Enable Acrobat JavaScript
Uncheck to disable JavaScript completely or restrict JavaScript through APIs.
Enable Menu Items JavaScript Execution Privileges
Enables executing JavaScript by clicking menu items. When
off, privileged JavaScript calls can be executed through the menu. Executing non-privileged JavaScript calls through
menu items is not blocked whether this box is checked or not.
Enable Global Object Security Policy
Allows JavaScript globally through APIs, or trusts specific documents
containing JavaScripts.
Alternatively, you can modify your system registry settings to manage JavaScript execution.
For details, see the Application Security Guide at www.adobe.com/go/learn_acr_appsecurity_en.
Security warnings
You sometimes see a warning when you open a PDF. The warning comes in many forms (three are shown below).
Security warnings
What does the warning mean?
The warning is asking whether you trust the people who sent you the PDF or the site in which the PDF is displayed.
The warning appears because the PDF content can potentially harm your computer. For example, the warning is
displayed for PDFs that can transfer or run programs and macros. It does not necessarily mean that the PDF is
harmful.
What is the right action to take?
Some product features assign trust through their own Preferences panel. For example, the Trust Manager includes
options for managing URL access, and Multimedia Trust (Legacy) has options for playing embedded multimedia. For
features affected when enhanced security is enabled, you can selectively allow restricted actions by using a method
described in “Bypass enhanced security restrictions” on page 214.
To open Preferences, choose Edit > Preferences (Windows) or Acrobat/Adobe Reader > Preferences (Mac OS).
If you know and trust the sender
If you trust the PDF or the company or individual who sent it, click the Options, Allow, or Play button. (The buttons
vary depending on the warning.) You can now view the PDF.
If you don’t know or trust the sender
If you don't trust the PDF or don't know who created it or where it came from, don't click the Options, Allow, or Play
button. Acrobat and Adobe Reader continue to block the suspicious content or actions. To hide the warning, click the
Close or Cancel button. If you click any of the blocked content, the warning reappears.
No Options, Allow, or Play button?
If the warning does not contain an Options, Allow, or Play button, your administrator has disabled this feature. You
cannot choose to trust or allow this content. Click the Close or Cancel button to hide the warning. You can view the
PDF, but you cannot access any of the blocked content. Contact your administrator for more information.
When are security warnings displayed?
Security warnings can be displayed in the following situations:
Blacklisted JavaScript
JavaScript is a computer language in widespread use. JavaScript code can be vulnerable to
attacks, and JavaScript can be used to open websites. Adobe regularly updates the blacklist with known JavaScript
vulnerabilities. If a PDF tries to access blacklisted JavaScript, you see a message in the yellow document bar, at the top.
For administrators:
• For instructions on how to manage JavaScript execution, see the article “JavaScript” on page 218.
• For more information about the situations that trigger JavaScript warnings, see the TechNote at
go.adobe.com/kb/ts_cpsid_50432_en-us.
• For more information about blacklisted JavaScripts, see the TechNote at go.adobe.com/kb/ts_cpsid_50431_en-us.
Security settings updates
Adobe periodically distributes certificates for security purposes. These downloads help
ensure that digitally signed PDFs from trusted sources maintain their trusted status. If you receive an update from an
unknown source, verify that it is from a web address that you trust before proceeding. Updates from untrusted websites
can create vulnerabilities on your computer.
Accessing stream objects (XObjects)
Acrobat and Reader display a warning when a PDF attempts to access external
content identified as a stream object. For example, a URL might point to an external image. The silent transmission of
data can pose a security risk as Acrobat and Reader communicate with an external source.
Inserting data into PDFs and forms
A warning appears when an untrusted source attempts to add data to a PDF form.
Although this data-injection feature can streamline workflows in your organization, it can also be used to add
malicious data into a PDF.
Silent printing
Silent printing is printing to a file or printer without your confirmation. It is a potential security risk
because a malicious file can silently print multiple times to your printer, wasting printer resources. It can also prevent
other documents from printing by keeping the printer busy.
Contact your system administrator to determine when to allow silent printing.
Web links
In addition to visible web links in a PDF document, form fields can contain hidden JavaScript that opens a
page in a browser or silently request data from the Internet.
Important: Acrobat and Reader X, 9.3, and 8.2 enable enhanced security by default. Adobe recommends that you enable
enhanced security if it is not already enabled, and bypass restrictions only for trusted content.
More Help topics
“Enhanced security” on page 214
“Document message bar” on page 10
“Play multimedia” on page 361
“Multimedia Trust preferences” on page 362
Content security
Content security includes features such as digital signatures, encryption, and permissions that ensure data integrity.
Opening secured documents
Acrobat and Reader warn you any time you try to open a URL (website) or a file attachment that uses a disallowed file
type. URLs and disallowed file types are potentially dangerous because they can transfer or run programs, macros, or
viruses that can damage your computer. Examples of disallowed file types include .exe and .zip files.
Documents can be secured in several ways. To view the security settings of a document, choose File > Properties in
Acrobat or Reader. From the Document Properties dialog box, click the Security tab. If you have trouble opening a
PDF, or you’re restricted from using certain features, contact the author of the PDF.
Password protected
A password-protected PDF either requires a password to open or a password to change or remove
restricted operations. If a document has restricted features, tools and options related to those features are dimmed.
Certified
Certifying a document assures recipients that the document is authentic. Certifying signatures also include
information to allow or disallow particular actions, such as filling forms and modifying the document. When you
submit a certified form, you are assured that it is going back to the valid author. A document with a valid certificate
displays a Blue Ribbon icon. A PDF Portfolio with a valid certificate displays a Signature Badge.
A PDF Portfolio with a certifying signature
Adobe LiveCycle Rights Management ES configured
Adobe LiveCycle Rights Management ES (ALCRMS) lets you
manage accounts and configure security policies for your organization. ALCRMS lets you apply a policy to documents
without the need for digital signatures and certificates.
More Help topics
“Digital signatures” on page 249
“Securing documents with passwords” on page 224
“Certificate security” on page 227
Choosing a security method
By adding security to documents, you can limit viewing, editing, printing, and other options to only the specified users.
Choosing which type of security to use
Security features range from relatively simple measures to sophisticated systems adopted by corporations and
agencies. Which feature you choose depends on what you want to achieve. Here are some examples:
• You want only certain people to view your PDF. The easiest solution is to add a password to the PDF and send it
to your intended recipients. (See “Add password security” on page 224.)
• You don’t want anyone to print or edit your PDF. You can block printing and editing from the same dialog box
that you use to add a password. (See “Add password security” on page 224.)
• You want to assure your recipients that the PDF is really from you. The best way is to purchase a digital ID from
a certificate authority. Alternatively, you can create a self-signed digital ID if you are communicating with a group
that you trust. (See “About digital IDs” on page 238 and “Securing documents with certificates” on page 227.)
• You want an organization-wide security solution for PDFs. You can devise a solution specifically for a company
handling sensitive data. Some organizations use Adobe LiveCycle Rights Management ES to apply a policy to
documents. The policy contains the list of recipients and their individual set of permissions. Individuals can use a
policy to apply the same security settings to numerous documents. (See “Securing documents with Adobe
LiveCycle Rights Management ES” on page 232.)
Security policies
A security policy enforces systematic constraints on information flow and exchange within an organization. You can
use Adobe LiveCycle Rights Management ES to apply a policy to documents without the need for digital signatures
and certificates. If you often apply the same security settings to PDFs, consider creating a security policy to simplify
your workflow. Different policies are useful for accommodating different requirements.
Envelope policy
You can secure multiple documents by embedding them in a PDF envelope. You can encrypt
envelopes to prevent unauthorized users from accessing the contents and certify them to provide proof of origin.
Authorized recipients can open the envelope and extract the files to view them.
LiveCycle Rights Management ES policy
Adobe LiveCycle Rights Management ES policies are stored on a server, and
users must have access to the server to use them. Creating these policies requires specifying the document recipients
from a list on Adobe LiveCycle Rights Management ES.
Password and certificate policies
Save your password or certificate settings and reuse them to encrypt PDFs without
setting up the password or certificate for each instance.
If you apply security settings to a PDF Portfolio, including the component documents, you can automate the steps by
using Action Wizard (Choose File > Action Wizard).
Protection required: Require a password to open a PDF, or copy or print its contents
Action: Choose Tools > Protection > Encrypt > Encrypt with Password. For a PDF Portfolio, choose View > Portfolio > Cover Sheet. Then choose Tools > Protection > Encrypt > Encrypt With Password. If you don’t see the Protection panel, see the instructions for adding panels at “Task panes” on page 9. If your company is signed up, you can also use Adobe LiveCycle Rights Management ES to secure documents. When you use Action Wizard to apply security to PDF Portfolios the child documents are secured, but the cover sheet is not.
Protection required: Indicate that you approve of the PDF content
Action: Sign and certify the PDF. You must obtain a digital ID to add digital signatures. Buy a digital ID (see the Adobe website for security partners) or create a self-signed one. See “Create a self-signed digital ID” on page 239. For Asian languages, you can add an approval stamp.
Additional resources
For more information on using security features, see these resources:
• Legal professionals: blogs.adobe.com/acrolaw/
• Security Matters blog: blogs.adobe.com/security
More Help topics
“Removing sensitive content” on page 243
“Setting up security policies” on page 233
“Modify form field properties” on page 188
“Run an action” on page 314
Choosing security methods within FIPS mode (Windows)
Acrobat and Reader provide a FIPS mode to restrict data protection to Federal Information Processing Standard
(FIPS). FIPS mode uses FIPS 140-2 approved algorithms using the RSA BSAFE Crypto-C Micro Edition (ME) 3.0.0.1
cryptographic module.
The following security options are not available in FIPS mode:
• Applying password-based security policies to documents. You can use public key certificates or Adobe LiveCycle
Rights Management ES to secure the document. However, you cannot use password encryption to secure the
document.
• Creating self-signed certificates. To create a self-signed digital ID, it must be saved to the Windows certificate store.
You cannot create a self-signed digital ID that is saved to a file.
• RC4 encryption. A PDF file can only be encrypted by using the AES encryption algorithm when in FIPS mode.
• MD5 or RIPEMD160 digest methods. In FIPS mode, only the SHA-1 and SHA-2 families of digest algorithms can
be used when creating a digital signature.
In FIPS mode, you can open and view documents that are protected with algorithms that are not FIPS compliant.
However, you can’t save any changes to the document using password security. To apply security policies to the
document, use either public key certificates or Adobe LiveCycle Rights Management ES.
FIPS mode is configured in the Windows registry by a system administrator. For more information, see Digital
Signatures Guide (PDF) at www.adobe.com/go/learn_acr_security_en.
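To see which of the restrictions listed above an existing PDF would run into, an auditor can read the document's encryption dictionary. The following is an added example, not Adobe's code: the key names (/Filter, /V, /CFM) come from the PDF specification rather than from this page, the sample dictionaries are constructed, and collecting every /CFM value with a regular expression is a simplification of full crypt-filter resolution.

```python
import re

# /CFM names from the PDF specification mapped to the cipher they select.
CFM_CIPHER = {"V2": "RC4", "AESV2": "AES-128", "AESV3": "AES-256"}

# Constructed encryption dictionaries (key material such as /O and /U omitted).
RC4_PASSWORD = b"<< /Filter /Standard /V 2 /R 3 /Length 128 /P -3904 >>"
AES_PASSWORD = (b"<< /Filter /Standard /V 4 /R 4 /Length 128 /P -1340 "
                b"/CF << /StdCF << /CFM /AESV2 /AuthEvent /DocOpen /Length 16 >> >> "
                b"/StmF /StdCF /StrF /StdCF >>")
AES_CERTIFICATE = (b"<< /Filter /Adobe.PubSec /SubFilter /adbe.pkcs7.s5 /V 4 "
                   b"/CF << /DefaultCryptFilter << /CFM /AESV2 /Length 16 >> >> "
                   b"/StmF /DefaultCryptFilter /StrF /DefaultCryptFilter >>")


def classify_encrypt_dict(raw):
    """Report the security handler and cipher of an encryption dictionary,
    plus which FIPS-mode restrictions from the list above it touches."""
    m = re.search(rb"/Filter\s*/([\w.]+)", raw)
    handler = m.group(1).decode() if m else "unknown"
    m = re.search(rb"/V\s+(\d+)", raw)
    version = int(m.group(1)) if m else 0

    if version in (1, 2):
        # Algorithm versions 1 and 2 are RC4 with a 40-bit or longer key.
        ciphers = {"RC4"}
    elif version in (4, 5):
        # Versions 4 and 5 name the cipher in each crypt filter's /CFM entry.
        names = re.findall(rb"/CFM\s*/(\w+)", raw)
        ciphers = {CFM_CIPHER.get(n.decode(), "unknown") for n in names} or {"unknown"}
    else:
        ciphers = {"unknown"}

    unavailable = []
    if "RC4" in ciphers:
        unavailable.append("RC4 encryption")
    if handler == "Standard":
        # /Standard is the password-based security handler.
        unavailable.append("password-based security")
    return {"handler": handler, "ciphers": sorted(ciphers),
            "unavailable_in_fips_mode": unavailable}


if __name__ == "__main__":
    for name, raw in (("RC4 + password", RC4_PASSWORD),
                      ("AES + password", AES_PASSWORD),
                      ("AES + certificate", AES_CERTIFICATE)):
        print(name, classify_encrypt_dict(raw))
```

A document with an empty unavailable_in_fips_mode list uses only settings that remain available in FIPS mode; the others can still be opened and viewed there, as the text above notes.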
Protection required: Prevent forms from being tampered with
Action: Use LiveCycle Designer to secure forms and create locking signature fields. See the Adobe LiveCycle Designer Help.
Protection required: Send secure file attachments via e-mail
Action: Use security envelopes. (Tools > Protection > More Protection > Create Security Envelope.)
Protection required: Allow only the people you specify to view a PDF
Action: Choose Tools > Protection > Encrypt > Encrypt With Certificate, or apply security using Adobe LiveCycle Rights Management ES. You must have certificates for users who can view the documents. If you don’t see the Protection panel, see the instructions for adding panels at “Task panes” on page 9.
Securing documents with passwords
Add password security
You can limit access to a PDF by setting passwords and by restricting certain features, such as printing and editing.
However, you cannot restrict saving copies of a PDF. The copies have the same restrictions as the original PDF. Two
types of passwords are available:
Document open password
With a document open password (also known as a user password), users must type in the
password you specify to open the PDF.
Permissions password
When you set only a permissions password (also known as a master password), recipients don’t
need a password to open the document. However, they must type the permissions password to set or change the
restricted features.
If the PDF is secured with both types of passwords, it can be opened with either password. However, only the
permissions password allows the user to change the restricted features. Because of the added security, setting both
types of passwords is often beneficial.
Note: You cannot add passwords to a signed or certified document.
All Adobe products enforce the restrictions set by the permissions password. However, if third-party products do not
support these settings, document recipients are able to bypass some or all of the restrictions you set.
Important: If you forget a password, you cannot recover it from the PDF. Consider keeping a backup copy of the PDF
that isn’t password-protected.
1 Do one of the following:
• In a single PDF or component PDF in a PDF Portfolio, open the PDF and choose Tools > Protection > Encrypt >
Encrypt with Password. (You can also choose File > Properties and select the Security tab.) If you don’t see the
Protection panel, see the instructions for adding panels at “Task panes” on page 9.
• In a PDF Portfolio, open the PDF Portfolio and choose View > Portfolio > Cover Sheet. Then choose Tools >
Protection > Encrypt > Encrypt With Password. (You can also choose File > Portfolio Properties and select the
Security tab.)
Note: If these options are unavailable, it’s either because the document or PDF Portfolio already includes security settings,
or the PDF was created in LiveCycle Designer ES.
2 If you receive a prompt, click Yes to change the security.
3 Select a compatibility level. This option sets the encryption level and key size.
Encryption algorithm and key size are version specific. Ensure that your encryption level is equal to or lower than the
recipients’ version of Acrobat or Reader.
4 Select the document components to encrypt.
To allow the document contents to be searched, leave the metadata unencrypted. To create security envelopes, use
Encrypt Only File Attachments.
5 Select the type of password to add, and then type the password in the corresponding field. For each keystroke, the
password strength meter evaluates your password and indicates the password strength using color patterns. If you
are setting a permissions password, determine the level of access.