General Programming Discussion

8253 readers

37 users here now

A general programming discussion community.

Rules:

Be civil.
Please start discussions that spark conversation

Other communities

Systems

Functional Programming

Also related

[email protected]

founded 6 years ago

MODERATORS

[email protected]

Linux running inside a PDF file via a RISC-V emulator (github.com)

submitted 2 months ago by [email protected] to c/[email protected]

5 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 11 points 2 months ago* (last edited 2 months ago) (3 children)

That's really impressive but has massive security implications.

the PDF file format supports Javascript with its own separate standard library. Modern browsers (Chromium, Firefox) implement this as part of their PDF engines.

This is something that really shouldn't exist. I can't imagine the legitimate uses for this outweigh the ways to abuse it.

Documents shouldn't be allowed to run code. Ever.

Incidentally, anyone know which Firefox flag to set to disable running JS in PDFs entirely?

[–] [email protected] 1 points 2 months ago* (last edited 2 months ago)

Incidentally, anyone know which Firefox flag to set to disable running JS in PDFs entirely?

It's pdfjs.enableScripting in about:config. Note that Firefox is more strict with PDF scripts to begin with, and the linked Linux PDF only works in Chromium-based browsers.

load more comments (2 replies)