Acta Informatica Pragensia 2014, 3(1), 8-22 | DOI: 10.18267/j.aip.32

On the Legibility of PDF Attachments of Data Messages on the OS X Platform

Tomáš Zahradnický
Department of Computer Systems, Faculty of Information Technology, Czech Technical University in Prague, Thákurova 9, 166 21 Prague 3

The Data Mailbox Information System is a significant information system of the state infrastructure. The design of such an information system must be given due care, not least because a flaw that later appeared in the design could have far-reaching consequences for all users. The flaw we discuss concerns the way some data messages containing attachments in PDF format are sent. Recipients who use the default Safari web browser on the OS X operating system may be unable to open some of these attachments correctly. The article analyses this situation and answers the question of when a PDF attachment will be opened correctly and when it will not.

Keywords: Data message, data mailbox, ISDS, PDF, OS X, Safari

On the Legibility of Data Message PDF Attachments on the OS X Platform

The Data Message Information System is a significant information system of the state infrastructure. The design of an information system of such importance should be done with great care, not least because a design flaw that appeared later could have severe impacts on its users. The flaw discussed in this paper concerns the process of sending data messages that contain PDF attachments. Users of the default Safari web browser on OS X may not always be able to open such attachments. The paper analyses the situation and answers the question of when a PDF attachment will be opened correctly and when it will not.

Keywords: Data Message, Data Mailbox, DMIS, PDF, OS X, Safari

Received: March 30, 2014; Revised: June 9, 2014; Accepted: June 14, 2014; Published: June 20, 2014

Zahradnický, T. (2014). On the Legibility of Data Message PDF Attachments on the OS X Platform. Acta Informatica Pragensia, 3(1), 8-22. doi: 10.18267/j.aip.32

This is an open access article distributed under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits use, distribution, and reproduction in any medium, provided the original publication is properly cited. No use, distribution or reproduction is permitted which does not comply with these terms.