Dangerzone (PDF Sandboxing)

jerm · December 22, 2023, 3:02pm

Dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs.

Would it be more convenient to use Dangerzone than using pdf.js with a sandboxed browser (such as Chromium (Brave doesn’t use it) or Firefox) in a virtual machine without network access? Because this method is an overkill for the average user.

widget · December 22, 2023, 3:22pm

Even I wanted to know if opening pdf in Firefox is good as it has all the features which I use in SumatraPDF.
This would help me in reducing one more software for just pdf docs.

seize · December 22, 2023, 6:11pm

I have been wanting to try out Dangerzone for a while now. However it seems the fedora package is broken at the moment.

I will definitely have to give dangerzone a shot on my Ubuntu machine though.

Relevant links regarding fedora support, for anyone interested.
Dangerzone mastodon post on the issue
github issue concerning fedora 39 support

HauntSanctuary · December 23, 2023, 2:10am

Assuming the payload isnt in the PDF itself (that VirusTotal would /should find), would temporarily disconnecting from the internet be sufficient or is there something more?

I dont think we should be opening PDFs directly into browsers as well?

Valynor · December 23, 2023, 3:33pm

I think opening a PDF in a (Chromium) browser is still the safest place* because all tabs are sandboxed. You would need an exploit chain to break out of there and considering the speed in which Chromium CVEs get fixed bad actors usually don’t burn these expensive exploits on common people.

*a step up for this is opening the pdf in chromium in a Linux VM with no network access, deleting the VM snapshot afterwards

exaCORE · December 23, 2023, 8:39pm

Does that apply to firefox? (Does firefox have per tab isolation yet?)

seize · December 24, 2023, 3:11am

If I understand correctly Firefox per site isolation is essentially the same as Chromium’s per tab isolation. Therefore Firefox should be suitable for this use.

Relevant links:
Firefox per site isolation
Chromium per site isolation

Average_Joe · December 31, 2023, 8:16pm

I’ve been waiting for this as well!

Is there an update???

seize · December 31, 2023, 8:45pm

Firefox (for desktop) has had per tab isolation since 2020. On android per tab isolation exists, but it is disabled by default. The only way I know of to enable per tab isolation on android is through about:config

Unfortunately about:config is only available on Firefox forks and Firefox nightly. I don’t know if there is a roadmap for enabling Per tab isolation on android, however I have heard that it causes significant battery drain.

sha123 · December 31, 2023, 9:39pm

Doesn’t matter much, because the renderer processes are still not properly sandboxed on Android.

sha123 · December 31, 2023, 9:49pm

Not convinced to use this for potentially malicious documents on Linux, because the container is not a strong sandbox.

Edit: just revisited their container usage on Linux and the security parameters look good.

ParkerS · June 20, 2024, 3:54am

I was linked to Dangerzone from https://www.techlore.tech/resources which appears to be a pdf or file converter? Something like that? I wanted to check here before looking too far into the website. Can I trust this site?

ParkerS · June 21, 2024, 8:22am

Thanks, read through it.
I’m going to be so honest with you, I don’t know enough about sandboxxing, virtual machines, or tab isolation for that thread to make much sense to me.

I love learning, and I am perpetually learning, but “computer stuff” has never came easily to me. The closest I’ve ever gotten to learning anything even vaguely in this realm was learning rudementary coding on Scratch in like 2013. I just put my focus elsewhere.

Can you… translate(?) it for me? Like the jist of what the conclusions people are coming to in the comments are? Sorry, I feel bad for asking and this is a bit embarrassing.

EDIT:
This post and the one above it were merged into this topic over from the questions tab where it was its own topic. Sorry.

jonah · June 21, 2024, 8:34am

It converts a PDF (which might contain malware) to one which is safe to open. You might learn more about how it works here:

https://dangerzone.rocks/about.html

It is still possible to be hacked using Dangerzone, if the malware in the PDF is designed to target Dangerzone specifically. There is also more detail about this in the link above.

ianopolous · June 21, 2024, 3:02pm

If you’re worried about viewing potentially malicious pdfs or docs then viewing them in peergos is an easy solution. The sandbox in peergos is designed to prevent exfiltration, even if the pdf or doc viewer code is compromised.

jerm · December 12, 2024, 9:57pm

Dangerzone uses gVisor to secure its document conversion process Safe Ride into the Dangerzone: Reducing attack surface with gVisor

I came across this thread on HN

https://news.ycombinator.com/item?id=42402176 , https://news.ycombinator.com/item?id=42402749

sha123 · December 13, 2024, 8:09am

Great news. Makes it quite a lot more secure.

Topic		Replies	Views
How to convert malicious pdf to safe file? Privacy	2	362	July 11, 2024
Safest PDF editor? Questions software	20	1075	September 9, 2024
Opening pdf as read only Questions	4	159	September 23, 2024
State of Sandboxing in Linux Privacy	7	886	September 9, 2024
PDF Editor for macOS Questions software	3	509	July 1, 2024

Dangerzone (PDF Sandboxing)

Dangerzone

Related topics