mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-28 18:02:38 +02:00

Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs

Find a file

Micah Lee d164dd7076 Merge pull request #55 from firstlookmedia/38_docker_service_stopped Offer to restart and enable docker if service is down		2020-03-13 22:19:36 +01:00
.circleci	Remove pulling submodules from CircleCI package building, because we no longer use submodules	2020-03-10 08:53:13 +01:00
assets	Add dangerzone document icon	2020-01-13 14:10:02 -08:00
dangerzone	If docker service is not running, try to start it	2020-03-12 16:00:30 -07:00
dev_scripts	Initial commit	2020-01-06 14:40:09 -08:00
install	Added podman dependency for Fedora (#42 )	2020-03-12 14:50:21 -07:00
share	Restart and enable docker.service instead of just docker	2020-03-13 14:16:08 -07:00
test_docs	Allow opening docm files	2020-03-03 19:23:46 +05:30
.gitignore	Commit the pyinstaller.spec, including CFBundleDocumentTypes array to open all document formats	2020-01-13 14:16:21 -08:00
BUILD.md	Added podman dependency for Fedora (#42 )	2020-03-12 14:50:21 -07:00
CHANGELOG.md	Version bump to 0.1	2020-02-28 17:38:49 -08:00
LICENSE	Initial commit	2020-01-06 12:42:38 -08:00
poetry.lock	In Windows, disable opening of safe PDF, make saving PDF required, and after safe PDF has been created, open Windows explorer with the safe PDF selected	2020-02-20 16:53:25 -08:00
pyproject.toml	Update release documentation	2020-02-28 18:01:57 -08:00
README.md	Update readme	2020-03-12 09:06:26 -07:00
RELEASE.md	Update release documentation	2020-02-28 18:01:57 -08:00
setup.py	Remove git submodule, and all references to the container	2020-02-27 15:21:30 -08:00
stdeb.cfg	Oops, dh-python should not be a build dep. And change classifiers in setup.py to a list instead of a tuple	2020-02-24 16:19:07 -08:00

README.md

dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.

Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF into raw pixel data: a huge list of of RGB color values for each page. Then, in a separate sandbox, dangerzone takes this pixel data and converts it back into a PDF.

Read more about dangerzone in the blog post Dangerzone: Working With Suspicious Documents Without Getting Hacked.

Getting started

Download dangerzone 0.1 for Mac
Download dangerzone 0.1 for Windows
See installing dangerzone on the wiki for Linux repositories

Some features

Sandboxes don't have network access, so if a malicious document can compromise one, it can't phone home
Dangerzone can optionally OCR the safe PDFs it creates, so it will have a text layer again
Dangerzone compresses the safe PDF to reduce file size
After converting, dangerzone lets you open the safe PDF in the PDF viewer of your choice, which allows you to open PDFs and office docs in dangerzone by default so you never accidentally open a dangerous document

Dangerzone can convert these types of document into safe PDFs:

PDF (.pdf)
Microsoft Word (.docx, .doc)
Microsoft Excel (.xlsx, .xls)
Microsoft PowerPoint (.pptx, .ppt)
ODF Text (.odt)
ODF Spreadsheet (.ods)
ODF Presentation (.odp)
ODF Graphics (.odg)
Jpeg (.jpg, .jpeg)
GIF (.gif)
PNG (.png)
TIFF (.tif, .tiff)

Dangerzone was inspired by Qubes trusted PDF, but it works in non-Qubes operating systems. It uses containers as sandboxes instead of virtual machines (using Docker for macOS, Windows, and Debian/Ubuntu, and podman for Fedora).

Set up a development environment by following these instructions.

The git repository for the container is called dangerzone-converter.