[mdlug] Adobe FileOpen Plugin Security Risk?
Mathew Enders
mat.enders at gmail.com
Fri Jan 15 17:48:47 EST 2010
Peter Bart wrote:
> Hi Everyone,
> Today I downloaded a manual from <http://www.techstreet.com/> that
> required I install a plugin to be able to read it from
> <http://plugin.fileopen.com/all.html>. As best as I can figure out it's
> some sort of DRM. I ran the installer from the shell, and it had to be
> root. Then I found <http://www.fileopen.com/pdf_plug_in_faq.php#a9>, but
> I'd allready ran the installer. I know I should have checked a little
> more thoroughly, but here I am. Below is the screen output from when I
> ran the script, and I still have the installer script as well. It
> doesn't look like I compromised my system, but this is not my area of
> expertise. Anyone want to venture a guess? Anyone heard of this before?
>
> plumber-notebook:/home/peter/Downloads/adobe/file_open_inst/FileOpenInstaller # /home/peter/Downloads/adobe/file_open_inst/FileOpenInstaller/commandline_installer.sh
>
> *************** FileOpen Plug-in Installer ***************
>
> Removing any old installation files...
> Removing any previously installed plug-ins...
> Trying to read Acrobat Reader version...
> Path to executable : /usr/bin/acroread
> Acrobat Reader version 8.1.7 found.
> Checking if ./FileOpen.AR8.api exists...yes
> Using FileOpen plug-in from current directory...
> Checking if downloaded ./FileOpen.AR8.api exists...yes
>
> Installing plug-in for current user...
> Correcting permissions...
> Installation was successful.
> plumber-notebook:/home/peter/Downloads/adobe/file_open_inst/FileOpenInstaller #
>
>
>
It is definetly doing DRM but you are not exposed I do not believe it
only runs with your limitded user permissions and just does a check at
the publishers website.
More information about the mdlug
mailing list