Restrict URLs and attachments in PDFs

Acrobat and Reader warn you any time you try to open a URL (website) or a file attachment that uses a disallowed file type. URLs and disallowed file types are potentially dangerous because they can transfer or run programs, macros, or viruses that can damage your computer. Examples of disallowed file types include .exe and .zip files.

You can allow your product to contact specific websites by adding those URLs to your list of allowed websites in the Trust Manager preferences. Or, you can allow all URLs. In the Trust Manager preferences, click Change Settings on the right to see a list of trusted and blocked sites to edit. Remove any URLs you no longer want to visit. To open file attachments in your product, respond to a prompt by indicating that you always allow files of that type. The file type is then added to a list stored in the registry. To restrict a file type that you permitted in the past, reset this list to its default settings in the Trust Manager preferences. You can assign additional trust in the Enhanced Security preferences.

Note: Acrobat and Reader also alert you when a PDF attempts to complete other potentially risky actions. (See Security alerts and Enhanced security.)

Trust Manager preferences

To open the Trust Manager preferences, open the Preferences dialog box, and select Trust Manager on the left.

Allow Opening Of Non-PDF File Attachments With External Applications
When selected, allows file attachments to start external applications when you open the files. You must have the external applications to open the files.
Note: For security reasons, certain file types (such as .zip and .exe files) cannot be saved or opened with Acrobat. Acrobat products maintain a registry/plist-level black and white list of file types that can be saved and opened with Acrobat. You cannot change this list by using the Acrobat interface. The only way to change the list is by manually editing the registry, which is not recommended. Although Acrobat allows you to attach files that cannot be saved or opened from the program, this practice is also not recommended.

Restore Default List Of Allowed And Disallowed File Attachment Types
Removes saved settings you chose for opening attachments. For example, if you chose to always open TMP attachments when prompted, TMP appears in the list of allowed file attachment types. By clicking Restore, you remove TMP from the list. The Restore button is available only if you changed the attachment defaults.

Change Settings (Internet Access From PDF Files Outside The Web Browser)
When clicked, lets you specify the default behavior for accessing the Internet from PDFs. To restrict access to only the URLs you specify, select Let Me Specify A List Of Allowed And Blocked Web Sites (the default). To allow access to all URLs, select Allow All websites. To restrict access with all URLs in PDFs, select Block All Web Sites.
Note: If the options in the Manage Internet Access dialog box are dimmed, select Let Me Specify A List Of Allowed And Blocked Web Sites. If options are still dimmed, your product could be under an administrator’s control with those restrictions in place.

To specify a list of allowed and blocked websites, type each URL in the box, and click Allow or Block. Then, specify the default behavior for Acrobat for websites that are not in the list.

Note: If you open a protected PDF and receive a prompt to allow or block a URL, select Remember My Action For This Site. This reply adds the URL to this list.

Load Trusted Root Certificates From An Adobe Server
Allows Acrobat to automatically download trust settings from an Adobe server.

Ask Before Installing
When selected, prompts the user when new root certificates are downloaded from Adobe. Click Update Now to check for and install new root certificates immediately.