-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Convert images to jpg/png to make them printable #2177
Comments
Good things about including imagemagick in the large template, not just for printing:
I think ideally we'd be able to stop supporting multiple separate export paths, so we wouldn't just install imagemagick for printing purposes, but along a single consolidated print/export path (that might/should involve dangerzone) :) |
This also has overlap with Dangerzone. It currently uses ImageMagick / LibreOffice with mimetypes hardcoded. Whatever solution we converge on, so both projects could benefit by converging approaches. It is essentially the same problem: how do I generally know what is printable and which tool to print it with. |
Yeah, I feel that this is kind of a problem set that we might better delegate to Dangerzone instead of having two similar project/implementations. I don't know how far/close DZ is ready to being plugged in and if we're ready for that. I was poking at imagemagick's identify command that can be used to well, identify a file:
But then if you try it on a docx:
Oops, it is "smart" and converts the docx to pdf and then says oh, it's a pdf. But how is it converting docx to pdf?
(trimmed because there's a bunch more formats) It's just using libreoffice under the hood 🙃 I couldn't find any way to turn off the conversion with |
That is incredibly useful! Thanks for the pointer. Flagging @freedomofpress/dangerzone-maintainers as a potential collaboration / integration opportunity. |
If integrated with Dangerzone it would be nice if the conversion were to happen in the viewer itself instead of spinning up an intermediate VM. This is different than how Dangerzone typically operates in Qubes. |
Heya, So if I understand correctly, the goal would be to use dangerzone to convert images to a printable format. This is currently doable with the command line utility (it only produces PDFs, no jpg/png as mentioned in the issue): dangerzone-cli --output-filename output.pdf input.format Some of the formats listed in the issue aren't supported (
That might be a good opportunity to look adding support for more formats.
I'm not sure to understand what you mean by this? (what do you call "the viewer" ?). Do you need the security guarantees provided by dangerzone? |
Thanks for the comments. The main thing that sparked the conversation is that we're kind of already needing to convert documents and that's something Dangerzone already does. Integration with Dangerzone is something we're aiming for at some point, and we just found another place where it is relevant and would de-duplicate our effort.
In Qubes, one doesn't need Dangerzone typically because you can "Open document in Disposable VM", which opens a viewer directly. This is the "the Viewer" I am referring to. But it is not fully relevant here yet since we don't yet have nailed down the print architecture. But my idea is that if we ever want to print a file from "the viewer" VM, then Dangerzone would ideally do the "doc to pixels" phase there and then send the result to another VM to reassemble the doc ("pixels to PDF") and later print / export. This would not reduce the risk since the file is already open in said VM. This is not how Dangerzone currently works. Instead, it starts a VM / container for the first conversion part. So it would require some plumbing on Dangerzone's side to have the "server" component run locally and have the client on a secondary more trusted VM. Hopefully this makes more sense. But we can schedule a call at some point when trying to tackle this. |
Thanks for the explanation, it makes more sense indeed 👍 I have one question left: you're talking about Qubes here, and my understanding is that it's not the only "environment" on which securedrop-client can run. On these other environments, would you also need to use dangerzone (maybe in a more "traditional" way)? Now, on Qubes, the part that's currently running in the DZ container (that you named "the server") can probably be resumed to the I'm not sure if this use case should be handled by the dangerzone project directly, as it seem very specific to how Qubes work, but we should definitely make it possible by offering APIs that makes this as simple as possible. |
Thanks for the comments. The main thing that sparked the conversation is that we're kind of already needing to convert documents and that's something Dangerzone already does. Integration with Dangerzone is something we're aiming for at some point, and we just found another place where it is relevant and would de-duplicate our effort.
In Qubes, one doesn't need Dangerzone typically because you can "Open document in Disposable VM", which opens a viewer directly. This is the "the Viewer" I am referring to. But it is not fully confirmed that this is the path we want since we don't yet have nailed down the print architecture, but should it happen, then the idea idea is that if we ever want to print a file from "the viewer" VM, then Dangerzone would ideally do the "doc to pixels" phase there and then send the result to another VM to reassemble the doc ("pixels to PDF") and later print / export. This would not reduce the risk since the file is already open in said VM. This is not how Dangerzone currently works. Instead, it starts a VM / container for the first conversion part. So it would require some plumbing on Dangerzone's side to have the "server" component run locally and have the client on a secondary more trusted VM. Hopefully this makes more sense. But we can schedule a call at some point when trying to tackle this. |
Description
Like we use LibreOffice to convert documents to PDFs so they can be printed, we should do the same for images.
How will this impact SecureDrop users?
How would this affect the SecureDrop Workstation threat model?
imagemagick
. This tool runs inside a dispVM, so I don't think it would introduce any more attack surface than LibreOffice would.User Stories
The text was updated successfully, but these errors were encountered: