** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to evince in Ubuntu. https://bugs.launchpad.net/bugs/1181551
Title: evince automatically opens url Status in “evince” package in Ubuntu: New Bug description: Hi, Many of the refcards that can be found on DZone contain code that automatically opens an advertising URL: http://refcardz.dzone.com/ In Evince, when the refcard is opened, the URL is automatically opened in the default browser (FF in my case). I know that this is part of the specifications of the "new" pdf format specifications (not so new, since it dates AcrobatReader 5.x). However, I would like to see this behaviour stopped, or at least configurable, since: - this is a strong privacy violation: using such connexions, the owner of the URL knows that I have opened the pdf and can trace whatever I do with the pdf (what pages I look, I print, etc.) - this is a strong security treat, since the URL might contain code and payload that exploits common browsers, break the security of the OS and take control of the box on which the pdf has been opened. PDF readers should not blindly execute any code present in (what should be flat text) files that people download carelessly on the internet! Thanks in advance for doing something to limit security and privacy breaches in linux boxes... G.M. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1181551/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
