steven at illconscience
Oct 31, 2007, 1:07 PM
Post #4 of 4
It would be possible to decrypt the pdf and scan it for malicious
content. The decryption process would be a bit expensive. The document
below gives an overview of PDF encryption.
Currently libpoppler supports encrypted PDF files.
> If they're encrypted they should simply be rejected.
Maybe this is the correct way to handle encrypted PDF files, although I
know of a few companies and individuals that are email legitimate
encrypted pdf files. It might be nice to implement this in Clam and
simply add a CL_SCAN_PDF_ENCRYPTED flag to the API.
David Hinkle wrote:
> If they're encrypted they should simply be rejected. Just like an
> encrypted zip, vastly more likely to be a virus than anything
> On 10/30/07, Gianluigi Tiesi <sherpya [at] netfarm> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>> Steve McDaniel wrote:
>>> Is anyone working on adding support for handling encrypted PDF files?
>> there is a way to decrypt them?
>> perhaps if there is one what should be the point
>> to encrypting pdf?
>> - --
>> Gianluigi Tiesi <sherpya [at] netfarm>
>> EDP Project Leader
>> Netfarm S.r.l. - http://www.netfarm.it/
>> Free Software: http://oss.netfarm.it/
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.1 (MingW32)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>> -----END PGP SIGNATURE-----
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
Please submit your patches to our Bugzilla: http://bugs.clamav.net