Adobe 12001196 Security Guide - Page 7

Overview - download

Get Adobe 12001196 - Acrobat - Mac PDF manuals and user guides
UPC - 718659085742
View all Adobe 12001196 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 7 highlights

Application Security Guide Section 2 Protected View 2 Protected View On Windows, Acrobat 10.1 introduced a sandbox called Protected View (PV). With 11.0, the feature is extended to Reader. PV is a highly secure, read-only mode that blocks most actions and application behavior until the user decides whether or not to trust the document. PV is another defense-in-depth feature that is tightly integrated with the existing enhanced security feature. PV in Acrobat leverages the successful sandbox implementation already in place for Adobe Reader while providing a user experience that should be familiar to Microsoft Office 2010 users. Protected View 2.1 Overview Under the covers, the PV sandbox is similar to Reader's Protected Mode sandbox and provides equal protection. Just like Reader, Acrobat strictly confines the execution environment of untrusted programs; that is, any PDF and the processes it invokes. When PV is enabled, Acrobat assumes some or all PDFs are potentially malicious based on user preferences and confines processing to a restricted sandbox. Note For links to all documentation about Reader's sandbox, see http://learn.adobe.com/wiki/display/security/Protected+Mode+FAQ. Due to the rich nature of Acrobat's capabilities, Acrobat's behavior with PV enabled is slightly more complex than Reader's. The Acrobat team has specifically tailored application behavior for two types of scenarios: viewing PDFs with the standalone application and viewing PDFs with a browser. The rationale behind providing two protection experiences was driven by a need to preserve usability as well as the right level of functionality and security in each mode. 2.1.1 PV in a standalone product In the standalone application, behavior is simple and parallels the Protected View provided by Office 2010. During a file download and/or save, web browsers and email programs typically mark documents such as Internet files and attachments with a "potentially unsafe" flag. When you open such a document, Section 2 Protected View Page 3

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
2
Protected View
On Windows, Acrobat 10.1 introduced a sandbox called Protected View (PV). With 11.0, the feature is
extended to Reader. PV is a highly secure, read-only mode that blocks most actions and application
behavior until the user decides whether or not to trust the document.
PV is another defense-in-depth feature that is tightly integrated with the existing enhanced security
feature. PV in Acrobat leverages the successful sandbox implementation already in place for Adobe
Reader while providing a user experience that should be familiar to Microsoft Office 2010 users.
Protected View
2.1
Overview
Under the covers, the PV sandbox is similar to Reader's Protected Mode sandbox and provides equal
protection. Just like Reader, Acrobat strictly confines the execution environment of untrusted programs;
that is, any PDF and the processes it invokes. When PV is enabled, Acrobat assumes some or all PDFs
are potentially malicious based on user preferences and confines processing to a restricted sandbox.
Note
For links to all documentation about Reader's sandbox, see
.
Due to the rich nature of Acrobat's capabilities, Acrobat's behavior with PV enabled is slightly more
complex than Reader's. The Acrobat team has specifically tailored application behavior for two types of
scenarios: viewing PDFs with the standalone application and viewing PDFs with a browser. The rationale
behind providing two protection experiences was driven by a need to preserve usability as well as the right
level of functionality and security in each mode.
2.1.1
PV in a standalone product
In the standalone application, behavior is simple and parallels the Protected View provided by Office
2010. During a file download and/or save, web browsers and email programs typically mark documents
such as Internet files and attachments with a "potentially unsafe" flag. When you open such a document,
Application Security Guide
Section 2
Protected View
Section 2
Protected View
Page 3