Description: I've used Atril for over 10 years, but never had need to verify that the security features were actually honoured. When I set the password for protection against the "Copy Text" or "Printing", it all seems to progress nicely. BUT ... when I then open that using Atril on UbuntuMATE 22.04.5, Atril is not preventing the "Copy Text" or "Print" functions from being performed: https://private-user-images.githubusercontent.com/59403874/460329329-92eb3793-a93b-4bdf-b3ed-83282f39a80c.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NTEyMjQ1MzYsIm5iZiI6MTc1MTIyNDIzNiwicGF0aCI6Ii81OTQwMzg3NC80NjAzMjkzMjktOTJlYjM3OTMtYTkzYi00YmRmLWIzZWQtODMyODJmMzlhODBjLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTA2MjklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwNjI5VDE5MTAzNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWY0YmJiMzk4ZDJlYTM5M2E0NTIxN2IzNDZjZmZlMmEyMDdlNTk0NDc1ZmMwYzE2MjZjMWU2MTY4NzVkNGVhNzgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.5NafXq9A5y4St7EHgHNkCMgchl6nTgahYCI_ARe6cKc https://private-user-images.githubusercontent.com/59403874/460330463-468f090b-4b0b-4e77-a269-5fc96d2dff28.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NTEyMjQ1MzYsIm5iZiI6MTc1MTIyNDIzNiwicGF0aCI6Ii81OTQwMzg3NC80NjAzMzA0NjMtNDY4ZjA5MGItNGIwYi00ZTc3LWEyNjktNWZjOTZkMmRmZjI4LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTA2MjklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwNjI5VDE5MTAzNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWYzMGJhNjE2YmNkYzY2ZGNmZWQyMzY0OWUwZmM0YjkzYjlkMDY5ODJiODk5ZTZjYmFiYjVlMDhlMmU5M2UzMWUmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.RYXORPKR3k-HsC6NfVRHvN-1vbpoTlbp2J1t6m8Feco https://private-user-images.githubusercontent.com/59403874/460330472-b386b790-7911-4c89-aee7-23a9f6aaf5c2.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NTEyMjQ1MzYsIm5iZiI6MTc1MTIyNDIzNiwicGF0aCI6Ii81OTQwMzg3NC80NjAzMzA0NzItYjM4NmI3OTAtNzkxMS00Yzg5LWFlZTctMjNhOWY2YWFmNWMyLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTA2MjklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwNjI5VDE5MTAzNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTk0OGJjNWI0OGVjZjg3Y2VhMjFmMGJiNzZlNzFjMWE5MTg0MjY2YWE5ZTkwMWNjZjgwMzAwODczODRjNGExN2ImWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0._oojBXlPW5jLUI73ZhS0K7e0HiBhiFfXFRYLSA7OLEU Not knowing what various industry standards recommend or dictate, my concept of implementing that security function would seem to dictate encryption of the PDF output, thereby preventing any bypass of the security specification embedded in the output. In my view, this is a clear case of a bug, and would very much appreciate that the Development Team consider such a clear failure of a central security feature as worthy of as much immediate attention as is possible, in order to ensure that the trust of the Community of Users is not permanently lost and, potentially, by being able to demonstrate better functionality than other tools, attract new users to the Community. Version report from UbuntuMATE 22.04.5: https://private-user-images.githubusercontent.com/59403874/460331623-4886a898-a48e-446e-a879-446393accaf5.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3NTEyMjQ1MzYsIm5iZiI6MTc1MTIyNDIzNiwicGF0aCI6Ii81OTQwMzg3NC80NjAzMzE2MjMtNDg4NmE4OTgtYTQ4ZS00NDZlLWE4NzktNDQ2MzkzYWNjYWY1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNTA2MjklMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjUwNjI5VDE5MTAzNlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTk3OGNmZjY0OTRkYjkxYzJhNjE1MTIxMjY1MDljOWUxYjVhYmMwZjc3MzhiYjlmZWU4YjY0MzI5NGE2MDM2MzAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0In0.nx0yrvKxRlOcGL4OoTfIVgcXVz6qDWl1ybrgyVZGF1k Steps to Reproduce: 1. Choose "Export as PDF" 2. Set password for "Copy Text" & "Printing" 3. Click on "Export" 4. Open in any document viewer (a.k.a. Atril) Actual Results: Exported PDF file's contents can be copied and printed!!! Expected Results: Exported PDF file's contents are not protected unless the "PDF Viewer" does not implement functionality to abide by that specification. Protection of contents should not need to rely on 3rd-party capability for that protection. Protection feature is offered by the Authoring software, namely LibreOffice Writer, and should therefore ensure by the embedding in the output format, the mechanisms which would prevent any circumvention of the specified feature. In this case, if the feature being offered is "Prevent Copy of Text" or "Prevent Print", then the text in the output file should not be in a format that is openly accessible, thereby allowing the security feature to be bypassed, with the consequence of allowing it to be copied or printed. Reproducible: Always User Profile Reset: Yes Additional Info: Version: 7.3.4.2 / LibreOffice Community Build ID: 728fec16bd5f605073805c3c9e7c4212a0120dc5 CPU threads: 4; OS: Linux 6.8; UI render: default; VCL: gtk3 Locale: en-CA (en_CA.UTF-8); UI: en-US Calc: threaded
Created attachment 201542 [details] Image of PDF options at export
Created attachment 201543 [details] Image of security feature bypassed by 3rd-Party tool (Atril) for "Copy Text"
Created attachment 201544 [details] Image of security feature bypassed by 3rd-Party tool (Atril) for "Print"
Created attachment 201545 [details] Image of reported host configuration (UbuntuMATE 22.04.5)
For each of the 4 URLs, the corresponding targets have been attached, in the order they are referenced.
Cross-referencing to parallel bug submission on GitHub for Atril: https://github.com/mate-desktop/atril/issues/645
Seems like every reader do what they like.
(In reply to Eric Marceau from comment #0) > Not knowing what various industry standards recommend or dictate, my concept > of implementing that security function would seem to dictate encryption of > the PDF output, thereby preventing any bypass of the security specification > embedded in the output. It is impossible to make a program, that shows you a PDF, to know what to show you, and at the same time, not know what to put to clipboard when you ask for that (even if you provide a raster image instead of textual data, the app will still be able to put the raster image to the clipboard, if it chooses so). So - it is only a weak protection, based on voluntary agreement of the PDF reader software to honor the protection flags. Try with other apps that generate protected PDFs; Atril doesn't care what the generator is (or all generators are buggy). You may want to file a bug report to Atril.
*** This bug has been marked as a duplicate of bug 95424 ***
This is not solved .. i generated a password protected from Windos and opened in linux and is protected.. not the same if you try to generate from linux. This bug is not solved and is neither duplicate of bug 95424
(In reply to PICCORO Lenz McKAY from comment #10) You are a spammer. You wrote lots of meaningless comments in bug 95424, including a claim that a protection *for opening* a file (your attachment 147308 [details]), which *is* cryptographically strong, proves something about the "print/copy to clipboard" weak protection. Please stop spamming.