Skip to main content
T
Test36246370m6r9
Participant
March 22, 2024
Answered

What's the real world risk to the system of disabling Global Object Security Policy

  • March 22, 2024
  • 1 reply
  • 1839 views

I've read through a post in this forum about similar question (back in 2017), but it didn't quite answer my question.

 

I understand that global object is readable by others, but is there any risk of one document implanting a malware/virus  in the global object, which affects other documents?  Or in more general term, is there any risk by disabling the policy, which may results in a much wider thread?

    This topic has been closed for replies.
    Correct answer Amal.

    Again, I've already stated that in my original post.  I'm aware that it's readable by others.  My question is, as per my original post, 

    quote

    is there any risk of one document implanting a malware/virus  in the global object, which affects other documents?  Or in more general term, is there any risk by disabling the policy, which may results in a much wider thread?

     

    It sounds to me like either you are not sure or the answer is there is no other risks besides it's readable by others?


    Hi there,

     

    Yes, you got it right. Disabling the "global object security policy" poses no threat to your user's computer. It functions solely to generate a single tracking ID or cookie on their device, similar to how browser sessions handle cookies. Therefore, its deactivation does not cause any harm to the user's system.

     

    Regards

    Amal

     

    Got your issue resolved? Please label the response as 'Correct Answer' to help your fellow community members find a solution to similar problems.

    1 reply

    Amal.
    Community Manager
    Amal.Community Manager
    Community Manager
    March 22, 2024

    Hi @Test36246370m6r9 

     

    Hope you are doing well and thanks for reaching out.

     

    Please check out the correct answer marked in the similar discussion https://community.adobe.com/t5/acrobat-reader-discussions/can-you-tell-me-what-the-enable-global-object-security-policy-is-really-doing-and-what-is-the-real/m-p/8944624#M23914 and see if that works.

     

    ~Amal

     

    Got your issue resolved? Please label the response as 'Correct Answer' to help your fellow community members find a solution to similar problems.

    T
    Test36246370m6r9Author
    Participant
    March 22, 2024

    Thanks Amal.

    That discussion didn't answer my question as per my first statement.  That's why i elaborated explicitly on what I am asking, which that discussion back in 2017 didnt address

    Amal.
    Community Manager
    Amal.Community Manager
    Community Manager
    March 26, 2024

    Thanks again Amal.

    I've read what you've posted on Adobe docs.  It only says what it is but doesn't say what are the risks if I disable it.

     

    This option was disabled by default.  "It is ok" to disable it because DRM needs it is strange.  That's why I would like to understand what kind of exposure am I facing by disabling it?  It can't be none if it was disabled by default.  This is not document level setting but Adobe acrobat setting which will be used by all pdf docs opened using Adobe acrobat.


    Hi there

     

    This policy restricts the use of a global scripting object within the application. This object is accessible to all programs across different contexts and can persist information across sessions. Its unrestricted accessibility poses a potential security risk, allowing anyone to access stored data without requiring knowledge of specific item names.

    Disabling this feature is an option to mitigate these security concerns.

     

    A responsible approach for developers involves refraining from storing sensitive data within this object. Alternatively, if necessary, sensitive data should be encrypted, hashed, or at least obfuscated to enhance security.

     

    Please note that enabling this option may result in certain scripts malfunctioning.

     

    Hope this answers your query.

     

    ~Amal

     

    Got your issue resolved? Please label the response as 'Correct Answer' to help your fellow community members find a solution to similar problems.

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices