Settings

Theme

Linux Running in a PDF (2025)

linux.doompdf.dev

85 points by matthewsinclair 2 months ago · 22 comments

Reader
robinsonb5 2 months ago

Just like Doom-in-a-PDF, this is in equal measure incredibly impressive and utterly horrifying that it's possible.

  • anthk 2 months ago

    PostSscript files came from the same company in the 80's -Adobe- and with GhostScript and zmachine.ps you can play Zork I-III, Calypso, Tristam Island and the rest of propietary Infocom text adventures on it with ease.

    What zmachine.ps does is to emulate the ZMachine VM in PostScript and display the output to stdout/console.

    And if it werent for the PS stack limitations for sure you could emulate Linux under Risc-V.

    Heck, you can emulate old RISC Linux' syscalls (enough to run static binaries) in Perl without ever calling to C bindings, not even once.

    • robinsonb5 2 months ago

      PostScript is awesome - I still use it to do this day for hacking together Variable Data Printing projects, with the aid of GhostScript.

  • TacticalCoder 2 months ago

    > Just like Doom-in-a-PDF, this is in equal measure incredibly impressive and utterly horrifying that it's possible.

    Yes but at the same time we now have options... For example it's now totally possible to do the following:

        - intercept any PDF downloaded
    - send it to a sandboxed app before opening
    - open it from withing the sandbox
    - headlessly screenshot every page to images
    - pull the pictures (one per page) out of the sandbox
    - reconstruct a similar PDF from the pictures
    It's not hard and it can literally be vibe coded in a few prompts (because it's really not hard).

    Some people are going to say: "But PDFs aren't supposed to be PICTURES, it has to be searchable, so we want our Turing-complete, exploits-ridden, 2 GB big PDF readers running as admin/root and we insist, we repeat INSIST, to have our ability to open any unkown PDF from any proprietary PDF readers for that is the way!".

    Thing is: we know have tool that can extract text from pictures too and they work perfectly fine.

    So, yup, the surface attack PDFs have is utterly horrifying but we're already at a point where we can just honey-badge any potentially evil PDF into a well-behaving one.

mapt 2 months ago

What reasonably competent PDF-reader applications are not competent enough be Turing-complete?

someprick 2 months ago

Just for what it's worth… VirusTotal flags that as possibly containing a Trojan.

Perhaps that's due to the nature of the method of execution? But I wouldn't run that…

edit: +possibly

RajT88 2 months ago

butwhy.gif

karel-3d 2 months ago

This is a low effort blogspam. (Twitterspam?)

  • indigodaddy 2 months ago

    It's also all over LinkedIn. It's all just kind of super dumb imo. One of the worst offenders of note was this security person's ad-riddled regurgitation of it that they promoted on LinkedIn:

    https://hackingpassion.com/linux-inside-pdf/

    When I protested about their shitty website shoving ads down my throat, the answer was - I'm paraphrasing of course, but something along the lines of - of course I need ads! I have to cover the cost of my shitty WordPress site (and what are you even thinking to question that!!?? You outta ur mind or somethin?)

    I felt like I was indeed stuck with her in 2010 after that...

cyanydeez 2 months ago

Can we use it as an AI sandbox!

eslaught 2 months ago

Post is new but the original PDF is from 2025:

Previous discussion: https://news.ycombinator.com/item?id=42959775

matthewsinclairOP 2 months ago

And here's the PDF: https://linux.doompdf.dev/linux.pdf

Keyboard Shortcuts

j
Next item
k
Previous item
o / Enter
Open selected item
?
Show this help
Esc
Close modal / clear selection