Highlighted

Define Protected View Options

New Here ,
Jun 14, 2017

Copy link to clipboard

Copied

Hi Adobe

I have recently deployed Acrobat Reader DC to my company and we have Protected View set to All files by default however, the end user is able to modify that setting.  I have been exploring the possibility of controlling this setting by a registry key via Group Policy which is easy enough.  But I haven't been able to find anything that defines what "Files from protentially unsafe locations".

Are you able to provide me with what a potentiall unsafe location is please?

Topics

Acrobat

Views

472

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

Define Protected View Options

New Here ,
Jun 14, 2017

Copy link to clipboard

Copied

Hi Adobe

I have recently deployed Acrobat Reader DC to my company and we have Protected View set to All files by default however, the end user is able to modify that setting.  I have been exploring the possibility of controlling this setting by a registry key via Group Policy which is easy enough.  But I haven't been able to find anything that defines what "Files from protentially unsafe locations".

Are you able to provide me with what a potentiall unsafe location is please?

Topics

Acrobat

Views

473

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Jun 14, 2017 0
Most Valuable Participant ,
Jun 15, 2017

Copy link to clipboard

Copied

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 15, 2017 0
Adobe Employee ,
Jun 15, 2017

Copy link to clipboard

Copied

It's a very basic definition but it's defined in the Adobe Customization Wizard DC's Help documentation.

Security — Acrobat Customization Wizard DC for Windows

Protected Viewhttp://www.adobe.com/devnet-docs/acrobatetk/tools/Wizard/WizardDC/security.html#protected-view

Protected View (PV) is a highly secure “super-sandbox” that is essentially a read-only mode. In Protected View, all features are disabled except those associated with viewing (e.g., zoom, navigation, links, find, etc.). Users must select Enable all features if they wish to do anything more than read the PDF. This action assigns trust and adds the document to the users’ list of Privileged Locations. PV behaves identically for Acrobat and Reader whether viewing PDFs in a browser or in a standalone product.

Note

In Reader 11.0, Protected View is only supported when Protected Mode is enabled. There can by no HKCU or HKLM Protected Mode registry preference set to 0 (off) when Protected View is enabled.

There are three configuration options:

  • Off: Disable Protected View.
  • Files from potentially unsafe locations: Open files from the internet or other unknown (and therefore untrusted) sources in Protected View.
  • All files: Open all files in Protected View.

Protected View configuration

_images/protectedview.png

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Jun 15, 2017 0
New Here ,
Sep 20, 2018

Copy link to clipboard

Copied

  • Files from potentially unsafe locations: Open files from the internet or other unknown (and therefore untrusted) sources in Protected View.

this is a very simplistic answer, and doesn't seem to be answering the question.

Does this mean all files from the internet are viewed as unsafe?  if said file is downloaded to the downloads folder, is it still unsafe?  what if it's downloaded to documents?

If i download a pdf from the internet, and keep it in my documents, will i constantly have this file flagged?

how does adobe reader determine if the file is unsafe?  is it based on the location of the file (IE, what folder it's in), or based on a characteristic of the file in question, and if that's the case, how does it identify that characteristic.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 20, 2018 0
Adobe Employee ,
Sep 20, 2018

Copy link to clipboard

Copied

Read the ETK's Sandbox Protections section for a little more detail.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 20, 2018 1
New Here ,
Sep 21, 2018

Copy link to clipboard

Copied

That actually helps to customize the zones, but I can't get it to apply to Windows 7 (and It doesn't explain what the default settings are, only how to customize it).

When I do try to create a custom whitelist, I experience the same issue I am experiencing when using the custom wizard, it seems that the HKLM registry settings have no effect on the application.  I created a separate posting at Adobe Reader 2017 privileged locations not working , but in general, it seems changes make in the HKLM hive are not being applied, including the ProtectedModeWhitelistConfig.txt that the sandbox protections uses (but the HKCU settings are, so manual changes do work).

Have you confirmed that it actually works? I can see the keys present in the registry, but the application is ignoring them.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Sep 21, 2018 0