Reputation: 905
Ghostscript does not honor PDF security permissions
I need to protect a set of PDF files that will be exposed to users on a webpage. PDF should only be readable, no other permission should be possible.
Using pdftk I have created "secured" PDF which I have tested both in various browsers. So far so good.
pdftk input.pdf output protected.pdf owner_pw <PASSWORD_GOES_HERE>
But a colleague of mine pointed me a way which with Ghostscript 8.70 it is possible to remove the protection:
ghostscript -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile=unprotected.pdf -c .setpdfwrite -f protected.pdf
Does this means that Ghostcript does not honor security permissions?
I wanted to try signing with a certificate, but I've seen that this can also be circumvented: http://ronin-group.org/misc_pdfsignatures.html
How to genuinely protect the content from PDF from users when serving them in web pages?
Upvotes: 3
Views: 2177
Answers (1)
Reputation: 90193
"How to genuinely protect the content from PDF from users when serving them in web pages?"
You cannot.
Upvotes: 4
Related Questions
- how to set user and owner password for PDF using ghostscript?
- Password protected PDF using Ghostscript
- Extract text from PDF file with password protection
- Can't print using Ghostscript
- is it possible to check if pdf is password protected using ghostscript?
- PDFA is not allow with password?
- Ghostscript with AES-256 password protection for PDF 2.0 documents
- Error in Converting PDF to PostScript with GhostScript, Access is denied Unable to open command line file _.at
- Ghostscript does not report PDF error
- GhostScript Error