manualshive.com logo in svg

Adobe 12001196 - Acrobat - Mac, Manual

Get the Adobe 12001196 Acrobat user manual for Mac, available for free download on our website. This comprehensive manual will guide you through all the features and functionalities of Acrobat, ensuring you get the most out of this powerful software tool. Download it from manualshive.com today!

Share
Download
background image

7   Cross Domain Configuration

This document describes how to configure the Acrobat family of products to allow cross domain access for
PDFs in one domain that attempt to access data from another domain. By default, when requested
content is not from the same origin as the requesting document, Acrobat and Adobe Reader automatically
attempt to load a server-based policy file from that domain to get permission for such access. Default
behavior is subject to customization by administrators, IT, workflow stakeholders, and others who need to
enable or disable cross domain access.

Changes across releases: Cross domain support

Version

Change

9.0

Support for controlling cross domain access via policy files is introduced. The implementation leverages the Flash model.

9.1

Support for allowing cross domain access on a per document basis by identifying certified documents by the SHA-1 hash of
the signing certificate's public key. The hash is added to the cross-domain policy file.

8.1.7 & 9.2

Enhanced security added for 8.1.7.

8.2 & 9.3

• Enhanced security turned on by default. Enhanced security takes precedence of

Trust Manager internet access settings.

• On Windows, the ability to trust sites that the user already trusts via Internet

Explorer can be configured via the user interface or registry.

• A non-intrusive Yellow Message Bar (YMB) that doesn't block workflows replaces

many of the modal dialogs. Depending on how the client is configured, the YMB
appears at the top of the document and offers the user to trust the document
"once" or "always."

• Cross domain logging can be enabled and the log viewed via the user interface.

• cross-domain policy files support all the mime types specified in the 

Cross

Domain Policy File Specification

.

7.1   Cross domain basics

7.1.1   Same-origin policies

As the Acrobat family of products became more powerful over the years (i.e. support for JavaScript and
web service interaction), the line between document and application gradually blurred. With the addition of
interactive form features, multimedia, and scripting, PDFs became more capable with each release. On
the one hand, support for JavaScript and dynamic content within a Web page allows developers to add
rich interactivity and behaviors to their content. Yet these features can be abused by attackers, and
default configurations for clients that support them make such attacks even more dangerous.

One of the earliest attempts to combat such attacks was Netscape's same-origin policy introduced with
Netscape Navigator 2.0. The policy prevented a document or script loaded from one origin from accessing
resources loaded from another origin. To counter the same-origin policy, a wide variety of attack patterns
evolved, including cross-site scripting (XSS) and cross-site request forgery (XSRF). These attack patterns
have one thing in common: they exploit the trust shared between a user and a website by circumventing
its primary protection mechanism (the same-origin policy).

Adobe began addressing this problem several releases ago by implementing a standardized
cross-domain security model that has evolved over the years into a robust, secure solution. By providing
controls for who may receive data from whom, Adobe clients such as Flash and rich PDF documents are
safe and extremely flexible.

Application Security Guide

Section 7   Cross Domain Configuration

Section 7   Cross Domain Configuration

Page 51

Summary of Contents for 12001196 - Acrobat - Mac

Page 1: ...Acrobat Family of Products Acrobat Application Security Guide all versions...

Page 2: ...nd the Adobe logo are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and or other countries Windows Windows 7 and Windows XP are registered trademarks of...

Page 3: ...ons 15 3 6 FAQs 16 4 Enhanced Security 20 4 1 Feature interaction 20 4 2 Changes across releases 20 4 3 Configuration 21 4 4 Trust overrides 24 4 4 1 Privileged locations 25 4 4 2 Internet Access 25 4...

Page 4: ...Certificate based permissions 60 7 4 Server configuration 63 7 5 Calling policies via JavaScript 67 7 6 Troubleshooting 67 8 External Content Access 76 8 1 Internet access 76 8 1 1 Changes across rel...

Page 5: ...to propagate settings across your organization is to configure an installed application and then use the Customization Wizard s registry feature to copy the settings to the application installer Best...

Page 6: ...robat Describes the security model when Flash runs inside a PDF document Cross Domain Policy File Specification A specification and guide for creating server based cross domain policy files with examp...

Page 7: ...e potentially malicious based on user preferences and confines processing to a restricted sandbox Note For links to all documentation about Reader s sandbox see http learn adobe com wiki display secur...

Page 8: ...at is all of Reader s features are available in addition to features that become enabled when a document author uses Acrobat to extend features to Reader users These features include signing existing...

Page 9: ...I for the file folder or host Create a privileged location via the registry plist by placing a tID at HKCU Software Adobe product name version TrustManager cTrustedSites or TrustedFolders All of the c...

Page 10: ...ms actions based on those policies and when an admin provides a properly configured policy file the broker can bypass the application s default restrictions The broker first reads and applies all cust...

Page 11: ...configuration dialog 2 4 FAQs Design principles Some of the high level design criteria for Protected View include the following PDFs in a browser are more functional than PDFs in a Reader s sandbox Fo...

Page 12: ...casual users who interact with PDFs in unsecure environments There are a limited number of cases where you might want to disable Protected View In enterprise settings where PDF workflows are entirely...

Page 13: ...vileges Thus processes that could be subject to an attacker s control run with limited capabilities and must perform actions such as reading and writing through a separate trusted process This design...

Page 14: ...y on XP In enterprise settings where PDF workflows are entirely confined to trusted environments under an administrator s control If you have third party or custom plugins that cause issues when runni...

Page 15: ...lick and choose New REG_SZ Value 3 Create tBrokerLogfilePath 4 Right click on tBrokerLogfilePath and choose Modify 5 Set the value For example C DOCUME 1 username LOCALS 1 Temp BrL4FBA tmp Policy logg...

Page 16: ...y must reside in the Reader install directory adjacent to AcroRd32 exe in the install folder for example D Program Files x86 Adobe Reader 10 0 Reader The name of the policy file must be ProtectedModeW...

Page 17: ...rocesses PROCESS_ALL_EXEC SystemRoot system32 calc exe Registry REG_ALLOW_ANY HKEY_CURRENT_USER Software SomeProgram Mutants MUTANT_ALLOW_ANY imejp Sections SECTION_ALLOW_ANY imejp 3 4 Read policy cha...

Page 18: ...at a read restricted location on the user s disk or a network share When an FDF or XFDF is opened and it tries to reference a PDF file kept at a read restricted location on the user s disk or a netwo...

Page 19: ...rted until 10 1 and later Note When a screen reader like JAWS or Window Eyes is already running when Reader is started for the first time on XP systems a warning is shown instructing the user to turn...

Page 20: ...t configuration are not supported For a current list of issues see http helpx adobe com acrobat kb protected mode troubleshooting reader html Does the fact that Protected Mode invoke two Reader proces...

Page 21: ...effect on viewing LC Reader Extended PDFs It should work fine out of the box Is there any special status for certified documents so that one can disable Protected Mode only with certified documents No...

Page 22: ...sion has a limitation with Microsoft Desktop Search and is not installed with Reader X Does the Reader X need to go through the broker if we are saving a Reader extended document Yes Are the policies...

Page 23: ...r own broker No we do not currently provide the option for developers to write their own brokers but we may do so for future releases Do the Broker and the Sandbox processes share both the WindowStati...

Page 24: ...ssign trust When content is trusted as a result of a cross domain policy file for example that content is not subject to enhanced security restrictions It is important to understand the various ways t...

Page 25: ...Acrobat or Acrobat Reader and version 9 0 or 8 0 For 8 x only one key bEnhancedSecurityStandalone controls behavior for both standalone and browser modes Preferences are usually boolean True 1 enables...

Page 26: ...lue 3 Create bEnhancedSecurityStandalone and or bEnhancedSecurityInBrowser 4 Right click on the key and choose Modify 5 Set the value as follows 0 Disables enhanced security and locks the feature 1 En...

Page 27: ...Reader_ppc_9 0 plist 2 Go to TrustManager 3 Set EnhancedSecurityInBrowser Boolean YES NO 4 Set EnhancedSecurityStandalone Boolean YES NO 5 Exit the editor Note Do not configure Number For 8 x only on...

Page 28: ...of cross domain access Users can trust documents on the fly when the PDF opens When the Yellow Message Bar appears choose the Options button and then trust the document once or always Create a privile...

Page 29: ...ification signature The certification signature is valid The document recipient has specifically trusted the signer s certificate for privileged network operations Configure certificate trust as descr...

Page 30: ...s untrusted content in the workflow is significantly different than when enhanced security is disabled The feature is specifically designed so that users and admins can preconfigure trust or assign it...

Page 31: ...ased on the cross domain policy If the PDF opens in the Acrobat Reader standalone application and the FDF data comes back in the https response to a POST GET initiated by the PDF then the FDF data may...

Page 32: ...ature users can choose to trust a document once or always for the particular action A choice of always adds the document or host to the privileged locations list The message and the options button cho...

Page 33: ...e settings with the features locked This results in the following All enhanced security protections will be in place Only administrators can configure privileged locations End users cannot change any...

Page 34: ...obe Adobe Acrobat or Acrobat Reader 9 0 or 10 0 TrustManager bEnhancedSecurityStandalone dword 00000000 bEnhancedSecurityInBrowser dword 00000000 bTrustOSTrustedSites dword 00000001 4 7 Troubleshootin...

Page 35: ...aScript Allow JavaScript globally by API or by trusting specific document for it Configuration is possible either through the user interface the registry or both as follows User interface Application...

Page 36: ...eCertificateBasedTrust provides a way to make certified documents trusted as a privileged location 5 4 Disabling JavaScript Global JS configuration may occur via the user interface or the registry pli...

Page 37: ...an API and the other does not the API is blocked 5 5 1 Blacklist locations Macintosh Policy deployment is specific to Windows so Macintosh has only one update path blacklist at Contents MacOS Prefere...

Page 38: ...Key 4 Create tBlackList right click in the right hand panel and choose New String value 5 Enter tBlackList 6 Right click on tBlackList and choose Modify 7 Add the APIs to block as a pipe separated li...

Page 39: ...is the JavaScript Blacklist Framework Tool for Acrobat and Adobe Reader The tool offers protections against an entire class of vulnerabilities that target JavaScript APIs 5 5 4 1 Installation To insta...

Page 40: ...a current list of APIs from an Adobe server but presents a default list if an Internet connection is unavailable To use the tool 1 Choose Start Programs JS Blacklist Framework for Adobe Reader or Acr...

Page 41: ...p trustFunction Executing non privileged JS calls via menu items is not blocked whether this box has been checked or not 5 6 1 Trusted override There are several ways to assign trust so that this feat...

Page 42: ...ith security restrictions These are marked by an S in the third column of the quick bar in the JavaScript for Acrobat API Reference These methods can be executed only in a privileged context which inc...

Page 43: ...5 8 1 1 Certificate trust You can control script behavior on a per certificate basis or by using trust anchors If a signer s certifying certificate chains up to another certificate a trust anchor that...

Page 44: ...on the YMB An untrusted document that tries to invoke an URL via JS displays the YMB by default The user is given the option to trust the document for such actions via the Options button on the YMB 5...

Page 45: ...effort to provide granular control over document behavior The behavior across versions is as follows 5 12 1 9 1 and 8 1 6 and earlier If the application has JavaScript enabled Non high privileged Jav...

Page 46: ...message bar JS off warning 9 2 and 8 1 7 and later High privileged JavaScript will not execute unless the user has established a prior trust relationship with the document via a trusted certificate or...

Page 47: ...ly sandboxed processes are specifically prohibited from writing to that folder Thus the most secure operation involves enabling Protected View in Acrobat and Protected Mode in Reader thereby sandboxin...

Page 48: ...is will export the stored global variables to the new Acrobat session Or Copy glob js and glob setting js from the old JavaScripts folder to the Program Files Adobe Reader JavaScript folder and then d...

Page 49: ...ed if the file extension is associated with the requisite program File types on the black list These can be attached but a warning dialog appears stating that they cannot be saved or opened from the a...

Page 50: ...e type version 1 ade 3 adp 3 app 3 arc 3 arj 3 asp 3 bas 3 bat 3 bz 3 bz2 3 cab 3 chm 3 class 3 cmd 3 com 3 command 3 cpl 3 crt 3 csh 3 desktop 3 dll 3 exe 3 fxp 3 gz 3 hex 3 hlp 3 hqx 3 hta 3 inf 3 i...

Page 51: ...user interface resetting the list to its original state may result in the highest level of security To reset the black and white lists 1 Choose Preferences Trust Manager 2 In the PDF File Attachments...

Page 52: ...to the white list and prevents future warnings Never allow opening files of this type Adds the file type to the black list and does not open it 4 Choose OK Launch Attachment dialog 6 3 Blacklisted ext...

Page 53: ...t Microsoft mas Access Stored Procedures Microsoft mat Access Table Shortcut Microsoft mau Media Attachment Unit mav Access View Shortcut Microsoft maw Access Data Access Page Microsoft mda Access Add...

Page 54: ...Folder url Internet Location vb VBScript file or Any VisualBasic Source vbe VBScript Encoded Script file vbs VBScript Script file Visual Basic for Applications Script vsmacros Visual Studio NET Binary...

Page 55: ...wed via the user interface cross domain policy files support all the mime types specified in the Cross Domain Policy File Specification 7 1 Cross domain basics 7 1 1 Same origin policies As the Acroba...

Page 56: ...b com hosts a policy and requires credentials for access then any documents served from the domains listed in b com s policy file gain the right to use those credentials on the user s behalf Now that...

Page 57: ...by the enhanced security preference Acrobat s cross domain support becomes important when Enhanced security is enabled because uncontrolled cross domain access should not be permitted You require sele...

Page 58: ...le deployment pattern allows developers to employ the Web Service Proxy pattern In this design pattern new Web services are authored using LiveCycle at the same origin as the hosted document which the...

Page 59: ...policy file containing a wild card or the local file must be in a privileged location Local files A PDF can be opened directly from a local disk or referenced by a file URL Files have no domain when t...

Page 60: ...aders in cross domain requests The cross domain feature introduced with 9 0 allows administrators to Create a cross domain policy based on a specification Configure access to a broad range of location...

Page 61: ...le com crossdomain xml the default location that clients check when a policy file is required Policy files hosted this way are known as master policy files allow access from Allowing access to root do...

Page 62: ...ccess to this target domain it does define a meta policy that allows other policy files within this domain to determine how access is handled In this case the client is instructed to look for a policy...

Page 63: ...1 0 DOCTYPE cross domain policy SYSTEM http www adobe com xml dtds cross domain policy dtd cross domain policy allow access from domain example com to ports 507 516 523 cross domain policy 7 2 8 Crede...

Page 64: ...der 9 1 introduces an extension to cross domain policies that enables cross domain access on a per document basis You do so by identifying a certified document signed with a specific certificate that...

Page 65: ...ow Signature Properties 3 Choose the Details tab in the Certificate Viewer to see the list of all data for the selected certificate 4 In the Certificate Data pane select the SHA1 digest field 5 In the...

Page 66: ...e 9 In the Certificate Data pane select the SHA1 digest field 10 In the bottom pane highlight and copy the hex data fingerprint Note You should now remove the ID from the machine so that it doesn t ex...

Page 67: ...er configuration Policy files function only on servers that communicate over HTTP HTTPS or FTP 7 4 1 Policy file host basics When creating and using a policy file the following rules apply It s name m...

Page 68: ...t grant permissions for socket based connections For a socket connection a policy file can be used for both same domain connections as well as connections made across domains 7 4 3 Server setup exampl...

Page 69: ...ee cluster apps sap com com sap eng crossdomain xml 2 Specify the MIME type for the policy file For Netweaver 7 0 Netweaver 7 0 EhP1 and Netweaver 2004 1 Open the Visual Administrator 2 Choose the Pro...

Page 70: ...You must specify the file extension first and then the MIME type and separate them by a comma For example xml text x cross domain policy 5 Choose Save Changes 7 4 3 4 Windows Cross domain configurati...

Page 71: ...as app loadPolicyFile url will affect other PDFs opened during that client s session For details refer to the JavaScript for Acrobat API Reference SWFs can load policies from other locations via the...

Page 72: ...updates and later allow configuration via the user interface To do so 1 Choose Edit Preferences Windows only 2 Select Security Enhanced in the Categories panel 3 Check Create log file Enhanced securi...

Page 73: ...found The URLs indicate The resource requested Where the PDF was loaded from The policy file granting the permission Note It is possible that multiple policy files would have permitted the operation...

Page 74: ...and can t be found Verify the files are correctly pointed to A policy file exists but is invalid for some reason In this case this message should be preceded by a more specific message that shows the...

Page 75: ...Moselle Firefox 2 0 0 3 and earlier 2 0 0 4 and later Safari Macintosh 2 x and earlier 3 x and later strict Policy file requested from s redirected to s will use final URL in determining scope An HTTP...

Page 76: ...er policy file The site control tag is only legal in master policy files crossdomain xml on an HTTP HTTPS FTP server or a socket policy file from port 843 The meta policy has been ignored but the poli...

Page 77: ...server should explicitly declare a meta policy rather than relying on this implicit mechanism This can be done using a site control tag in the master policy file or using the HTTP response header X P...

Page 78: ...Acrobat clients should not receive these messages However since Acrobat leverages the Flash model these are provided for informational purposes Root level SWF loaded s Only pertinent to Flash Found se...

Page 79: ...ent to Flash and socket policy files strict Local socket connection forbidden to host s without a socket policy file Only pertinent to Flash and socket policy files Application Security Guide Section...

Page 80: ...ver Trust Manager internet access settings 8 1 2 Configuration For 9 2 and earlier this feature overrides enhanced security settings for files and folders With 9 3 enhanced security settings take prec...

Page 81: ...hether or not URL access is allowed on a global or per URL basis Manage Internet Access dialog For URLs that aren t explicitly trusted or blocked they are not on the white or black list a warning appe...

Page 82: ...he Authplay dll for playing content is defined as non legacy multimedia Files like flv and h 264 encoded files play by default The Yellow Message Bar doesn t appear in the presence of these media type...

Page 83: ...buttons choose Trusted documents or Non trusted documents The Trust Manager displays the selected trust preferences Note Beginning with 9 5 and 10 1 2 trust for legacy multimedia formats is stored in...

Page 84: ...or the file folder or host With 9 5 10 1 2 and later create a privileged location via the registry plist by placing a tID at HKCU Software Adobe product name version TrustManager cTrustedSites or Trus...

Page 85: ...e For versions 8 2 9 3 to 9 4 7 10 1 1 this feature does not interact with enhanced security and the Trusted Documents list is not the same as the privileged locations list Trust is stored in a file c...

Page 86: ...ct by flags which are defined in the PDF Reference For example an URL might point to an image external to the document Only PDF developers create PDF files with streams so you may not need to enable a...

Page 87: ...nt Trust files folders and hosts as privileged locations via Preferences Security Enhanced Privileged Locations panel so that when a PDF with 3D content opens If it is trusted the 3D content renders I...

Page 88: ...ontent in a PDF Enterprise IT can control how Flash plays within PDFs by setting the bEnableFlash registry entry Win or EnableFlash plist entry Mac When set to 0 Flash only plays if the PDF is a trust...

Page 89: ...trust is assigned Permissions granted by other features often overlap For example cross domain policies internet access settings in Trust Manager and certificate trust settings for certified documents...

Page 90: ...iction The Win OS Security Zone setting in the Privileged Locations panel now includes Local Intranet zones in addition to the current Trusted Sites zone The product should assign trust as Internet Ex...

Page 91: ...edFolders cTrustedSites The container cab determines which restriction the document can bypass For example a tID under cCrossDomain allows cross domain access For a complete list of available preferen...

Page 92: ...e recursive modify the name by appending _recursive to it Registry Configuration Recursive trust HKEY_CURRENT_USER Software Adobe product name version TrustManager cTrustedFolders cScriptInjection t5_...

Page 93: ...setting via the UI as follows by setting bDisableOSTrustedSites as follows 0 Disables trusting sites from IE and locks the feature 1 Enables trusting sites from IE and locks the feature HKEY_LOCAL_MAC...

Page 94: ...s List 9 x Choose Security Manage Trusted Identities and from the Display drop down list choose Certificates 10 x Choose Tools Sign and Certify More Sign and Certify Manage Trusted Identities and From...

Page 95: ...ternal content access 1 Choose Edit Preferences Page Display Windows or Acrobat Preferences Page Display Macintosh 2 Configure the Reference XObjects View Mode panel by setting Show reference XObject...

Page 96: ...cal components of information assurance For example signing certificates in certified documents can be used to assign trust for operations that would otherwise be restricted by enhanced security This...

Reviews:

No comments

Related manuals for 12001196 - Acrobat - Mac

Canon Optura Pi Software Starter Manual preview
Optura Pi
Brand: Canon Pages: 90
Alphasmart AS 3000 Installation And User Manual preview
AS 3000
Brand: Alphasmart Pages: 4
PS Audio PowerPlay Programming Manual preview
PowerPlay
Brand: PS Audio Pages: 6
ACRONIS SNAP DEPLOY 2.0 - User Manual preview
SNAP DEPLOY 2.0 -
Brand: ACRONIS Pages: 68
Autodesk LANDXPLORER 2011 - SYSTEM REQUIREMENTS Manual preview
LANDXPLORER 2011 - SYSTEM REQUIREMENTS
Brand: Autodesk Pages: 3
National Instruments PID Control Toolkit 371685C-01 User Manual preview
PID Control Toolkit 371685C-01
Brand: National Instruments Pages: 39
SMART SMART Notebook SE Installation Manual preview
SMART Notebook SE
Brand: SMART Pages: 20
DeLorme XMap 6 User Manual preview
XMap 6
Brand: DeLorme Pages: 437
Solid State Logic One Stop Vocal Processing Plug-in Vocalstrip User Manual preview
One Stop Vocal Processing Plug-in Vocalstrip
Brand: Solid State Logic Pages: 21
Solid State Logic Soundscape Mixer Reference Manual preview
Soundscape Mixer
Brand: Solid State Logic Pages: 109
MACROMEDIA FLEX BUILDER-USING FLEX BUILDER Use Manual preview
FLEX BUILDER-USING FLEX BUILDER
Brand: MACROMEDIA Pages: 158
Tascam 3.52 Release Notes preview
3.52
Brand: Tascam Pages: 4
Cisco CNS NetFlow Collection Engine Installation And Configuration Manual preview
CNS NetFlow Collection Engine
Brand: Cisco Pages: 36
Lenovo ThinkStation D20 Safety And Warranty Manual preview
ThinkStation D20
Brand: Lenovo Pages: 272
MACROMEDIA FLASH 8-GETTING STARTED WITH FLASH Getting Started preview
FLASH 8-GETTING STARTED WITH FLASH
Brand: MACROMEDIA Pages: 152
ESET MOBILE ANTIVIRUS - FOR WINDOWS MOBILE Datasheet preview
MOBILE ANTIVIRUS - FOR WINDOWS MOBILE
Brand: ESET Pages: 2
Adaptec 1684800 - EZ-SCSI Deluxe User Manual preview
1684800 - EZ-SCSI Deluxe
Brand: Adaptec Pages: 9
Adaptec CDP-00278-01-A User Manual preview
CDP-00278-01-A
Brand: Adaptec Pages: 130

Brands by name

Popular brands

Load more brands