[Sugar-devel] Deployment feedback braindump

Bernie Innocenti bernie at codewiz.org
Wed Aug 12 10:02:22 EDT 2009


El Wed, 12-08-2009 a las 13:28 +0100, Lucian Branescu escribió:
> Adobe apparently loves vectors.

And monopolies.


> JavaScript-in-PDF is mostly a joke and a big security risk. It's not
> something to be relied upon.

It might be useless, but I don't see why it should be more risky than
Javascript in web browsers, which everybody happily accepted without
much thought.  Is JS in PDF even allowed to make HTTP connections?


> Forms are about as much interaction as PDF get without becoming
> dangerous or moot.

How do you dubmit the form?  By HTTP?  Does the PDF reader tell the user
when it's going to make this connection?

Knowing how proprietary software companies think, I wouldn't ever dare
using Adobe Acrobat Reader.  But I blindly trust Evince, Okular and all
free PDF readers to do whatever it takes to protect my security and
privacy regardless of what the document or the PDF standard tells them
to do.

-- 
   // Bernie Innocenti - http://codewiz.org/
 \X/  Sugar Labs       - http://sugarlabs.org/




More information about the Sugar-devel mailing list