Bug 49697 - PDF: LO allows editing write-protected PDF when password field empty or clicking "Cancel"
Summary: PDF: LO allows editing write-protected PDF when password field empty or click...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Draw (show other bugs)
Version:
(earliest affected)
Inherited From OOo
Hardware: Other All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard: BSA
Keywords: haveBacktrace, needsDevEval, topicUI
: 142311 148457 (view as bug list)
Depends on:
Blocks: PDF-Import-Draw Password-Protected
  Show dependency treegraph
 
Reported: 2012-05-09 10:53 UTC by Sergey
Modified: 2022-07-06 13:56 UTC (History)
11 users (show)

See Also:
Crash report or crash signature:


Attachments
The file requiring password. (495.27 KB, application/pdf)
2012-05-09 10:53 UTC, Sergey
Details
Password dialog (9.83 KB, image/png)
2012-05-09 10:56 UTC, Sergey
Details
Document security as shown by Acrobat Reader XI (28.86 KB, image/png)
2016-05-10 08:23 UTC, Heiko Tietze
Details
bt with debug symbols (14.95 KB, text/plain)
2021-03-14 10:56 UTC, Julien Nabet
Details
A PDF file encrypted using empty password (6.78 KB, application/pdf)
2021-05-25 03:14 UTC, yury.dubinsky
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Sergey 2012-05-09 10:53:44 UTC
Created attachment 61296 [details]
The file requiring password.

I'm using latest git.

Problem description: 

Steps to reproduce:
1. Open attached file with libreoffice

Current behavior:
1. Open attached file with libreoffice
2. LO asks for password: see attached screenshot-1.png
3. Pressing Cancel successfully opens a file.
4. Entering something says: incorrect password
5. After password entered LO not able to open the file even after Cancel - it says "General IO error"

Expected behavior:
Evince displays the file with no password required, also selecting "Cancel" in LO successfully opens the file. I expect the file to be opened without password.

Also, if the file is indeed protected somehow, i expect LO to provide more information about what is happening.

Platform (if different from the browser): 
              
Browser: Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.19 (KHTML, like Gecko) Ubuntu/10.04 Chromium/18.0.1025.151 Chrome/18.0.1025.151 Safari/535.19
Comment 1 Sergey 2012-05-09 10:56:02 UTC
Created attachment 61297 [details]
Password dialog
Comment 2 Hashem Masoud 2012-09-18 20:30:05 UTC
(In reply to comment #0)
Confirmed here and I couldn't find a duplicate:
Version 3.6.0.4 (Build ID: 932b512) Slackware Linux 13.37
If there is no password assigned, why would the password dialog appear in the first place?
Comment 3 Sergey 2012-09-19 16:16:47 UTC
Could it be write-protected PDF? Then LO in fact is asking for password for write access? Meaning evince does not require any password for read-only access.

Even if this is true, the dialog text is misleading, it says "Enter password to _open_  file:" while in case write-protected file it should say something like "Enter password to open file for modification or press Cancel if you want it open read only".
Comment 4 Robert Roth 2013-01-28 15:26:07 UTC
The password dialog appears because the PDF file is encrypted, pdfinfo says:
Encrypted:      yes (print:yes copy:yes change:no addNotes:no)
Which means printing and copying is enabled without password, changing the PDF or adding notes is forbidden.
Comment 5 Alexandr 2014-07-31 09:03:42 UTC
Reproducible with LibreOffice 4.2.5 and 4.3.0 on debian.

> The password dialog appears because the PDF file is encrypted

Anyway, "General IO error" is not correct behavior.
Comment 6 QA Administrators 2015-09-04 02:49:00 UTC Comment hidden (obsolete)
Comment 7 Sergey 2015-09-13 17:03:11 UTC Comment hidden (obsolete)
Comment 8 Heiko Tietze 2016-05-10 08:23:31 UTC
Created attachment 124944 [details]
Document security as shown by Acrobat Reader XI

In fact the document is read-only.

1. Change the text to something like "Enter password for write-protected file...".
2. Make sure that cancel aborts the processing. Right now (5.2 alpha) it's possible to edit the write protected document after canceling.

Looks like an EASYHACK.
Comment 9 jani 2016-05-11 05:46:45 UTC Comment hidden (obsolete)
Comment 10 Xisco Faulí 2016-09-15 15:26:55 UTC Comment hidden (obsolete)
Comment 11 Xisco Faulí 2016-09-27 10:36:08 UTC Comment hidden (obsolete)
Comment 12 Shinnok 2017-09-07 09:37:53 UTC Comment hidden (obsolete)
Comment 13 Heiko Tietze 2017-09-07 10:04:05 UTC Comment hidden (obsolete)
Comment 14 Aron Budea 2018-01-04 21:37:19 UTC
Bug still there in LO 6.0.0.1 / Windows 7. Adjusting earlier version, since bug is already in 3.3.0.

File also opens much slower in 6.0.0.1 than in 3.3.0.
Comment 15 Roman Kuznetsov 2018-06-17 11:56:35 UTC
still repro in

Version: 6.1.0.0.beta2+ (x64)
Build ID: fe1a23b5c49c94410a604c8d4a6f50f43d575403
CPU threads: 4; OS: Windows 10.0; UI render: GL; 
TinderBox: Win-x86_64@42, Branch:libreoffice-6-1, Time: 2018-06-17_06:31:41
Locale: ru-RU (ru_RU); Calc: CL
Comment 16 QA Administrators 2019-06-18 02:46:27 UTC Comment hidden (obsolete)
Comment 17 Xisco Faulí 2020-03-09 13:28:23 UTC Comment hidden (obsolete)
Comment 18 Julien Nabet 2021-03-14 10:56:59 UTC
Created attachment 170474 [details]
bt with debug symbols

Here's a bt when password dialog box displays.
Comment 19 Timur 2021-05-17 11:04:12 UTC
*** Bug 142311 has been marked as a duplicate of this bug. ***
Comment 20 yury.dubinsky 2021-05-25 03:14:20 UTC
Created attachment 172308 [details]
A PDF file encrypted using empty password

a demo PDF encrypted using empty password via qpdf
Comment 21 yury.dubinsky 2021-05-25 03:36:06 UTC
The problem is that the file is encrypted using empty password.
- Try to open the file with Draw and enter any string. You will get: "The password is incorrect. The file cannot be opened."  
- Delete the string making the password field empty and press OK. The file is opened. The password is null.  
I have many financial statements that are encrypted using empty password. There are reasons, mostly relevant for Adobe products, for using empty passwords.  I I also attached a demo PDF encrypted with empty password via qpdf. Programs such as Adobe Reader, Chrome / Chromium, Firefox, Evince, Okular, GIMP, and ImageMagic, and others don't prompt for password when the password is null. Even programs which has problems with PDF decryption such as Imagemagic and Inkscape silently open such files.
Comment 22 Michael Warner 2021-05-26 00:26:58 UTC
(In reply to yury.dubinsky from comment #21)

> There are reasons, mostly relevant for Adobe products, for using empty
> passwords.

If you wouldn't mind, could you elucidate more what those reasons are? I can't think of any, but I don't use much Adobe products any more.
Comment 23 yury.dubinsky 2021-05-26 04:02:45 UTC
I guess I know one reason. Let’s examine the example from this post using pdfinfo. We see:
Encrypted:      yes (print:yes copy:yes change:no addNotes:no algorithm:RC4)
2/3 of my financial statements received from credit card companies and banks have this encryption level and are also encrypted with blank passwords. When addNotes is no, Adobe Reader, which is the standard for all financial businesses, does not support annotations in these PDFs. Of course, it is a funny protection, but security departments need their food.
Comment 24 Stéphane Guillou (stragu) 2022-04-09 07:58:04 UTC
Changing summary to be more accurate as a PDF viewer opening the file is not a bug, but being able to edit the file without giving the correct password is.

Also confirmed on:

Version: 7.2.6.2 / LibreOffice Community
Build ID: b0ec3a565991f7569a5a7f5d24fed7f52653d754
CPU threads: 8; OS: Linux 5.13; UI render: default; VCL: gtk3
Locale: en-AU (en_AU.UTF-8); UI: en-US
Calc: threaded
Comment 25 Timur 2022-04-11 08:01:28 UTC
*** Bug 148457 has been marked as a duplicate of this bug. ***
Comment 26 Timur 2022-04-11 08:08:09 UTC
I don't consider this a bug. LO works more like OCR than PDF editor. Any OCR will render password useless. If someone tries to open that PDF in LO, he obviously wants to edit it, why restrict that and say "look for some other app".
Comment 27 Chris 2022-04-11 08:21:57 UTC
(In reply to Timur from comment #26)
> I don't consider this a bug. LO works more like OCR than PDF editor. Any OCR
> will render password useless. If someone tries to open that PDF in LO, he
> obviously wants to edit it, why restrict that and say "look for some other
> app".

Not a bug? I don't think so, then why LO ask for a password in the first place? Then allow user to enter and edit the file with blank password or just hit cancel?
There must be something wrong with the work flow! :)
Comment 28 Chris 2022-04-11 08:31:08 UTC
(In reply to stragu from comment #24)
> Changing summary to be more accurate as a PDF viewer opening the file is not
> a bug, but being able to edit the file without giving the correct password
> is.
> 
> Also confirmed on:
> 
> Version: 7.2.6.2 / LibreOffice Community
> Build ID: b0ec3a565991f7569a5a7f5d24fed7f52653d754
> CPU threads: 8; OS: Linux 5.13; UI render: default; VCL: gtk3
> Locale: en-AU (en_AU.UTF-8); UI: en-US
> Calc: threaded

I agree on this! Is it possible to work this way?
If wrong password, then user has the option to open the file with set permission as per creator set if not, then block.