Hi, Deri James wrote on Tue, Mar 18, 2014 at 01:26:02PM +0000: > On Tue 18 Mar 2014 12:58:09 Ingo Schwarze wrote:
>> Security-wise, PDF is one of the most dangerous file formats, nowadays. > That is true if the pdf reader you are using is configured to action > all the extra bits which Adobe added to the standard (i.e. forms, > flash and javascript). I certainly don't trust my browser to keep all that disabled. > Without these "extras" it has the same risks as any other > application consuming input from the web with regard to buffer > overflows etc. Except the PDF format is more complex than most, offering much opportunity for bugs. Just saying, not everybody accepts PDF as a web document format, not only for lack of support in the tools, but also as a conscious choice. Yours, Ingo
