PDF Permissions Explained: Print, Copy, Edit, and Why They Are Advisory

When you encrypt a PDF, your tool usually offers checkboxes: allow printing? allow copying? allow form filling? allow modifications? These are PDF permissions, restrictions on what a recipient can do with the file. They are useful, widely used, and far weaker than most people assume. This guide walks through what each permission means, how it is enforced, and what to expect in the real world.

The permissions in the PDF spec

A PDF with an owner password and security settings can restrict:

• Printing, high resolution, low resolution (150 DPI), or none
• Modifying the document, content changes, page additions/removals
• Content copying, selecting text and copying it
• Content accessibility, using the document with screen readers
• Form filling, filling in form fields
• Signing, adding digital signatures
• Page extraction, saving individual pages out
• Adding annotations, comments and markup
• Assembling the document, combining with other PDFs

In Acrobat Pro's Security dialog, these appear as checkboxes after you set the owner password and choose an encryption method.

User password vs owner password

PDFs have two related passwords:

• User password (also called Document Open password), required to open the file at all. Without it, the file is encrypted and unreadable.
• Owner password (also called Permissions password or Master password), required to change permissions or to lift restrictions. Without it, the file opens but restrictions apply.

Either or both can be set:

• Both set: Recipients need the user password to open; restrictions apply unless they also have the owner password.
• Only user password set: Recipients need the password to open; no permissions enforced.
• Only owner password set: Anyone can open the file; restrictions apply.

The "only owner password" case is what powers the typical "no editing, no copying, but free to view" PDF.

How permissions are enforced

This is where reality diverges from intent.

Cryptographically. The permissions flags are part of the encrypted data. Tampering with them invalidates the encryption.

Practically. PDF readers honor permissions on the honor system. The reader decodes the file, sees "printing is not allowed", and disables the Print menu. A different reader might choose to ignore that flag. A custom tool can decode the file and access content directly without honoring any permission flag.

The cryptography says "do not let users print". The implementation says "well, if the reader chooses to disable it". A determined user with the right software can lift any permission restriction.

This is why permissions are correctly described as advisory, not mandatory.

What permissions actually prevent

In real-world conditions:

• Casual users using mainstream readers (Acrobat, Foxit, Preview, browsers): permissions are honored. Most users cannot easily print, copy, or edit a restricted PDF.
• Users with PDF editing tools (Acrobat Pro with owner password, third-party editors): permissions are easily lifted.
• Users with qpdf --decrypt: can strip permissions in seconds if they have the user password.
• Users with content extraction tools: can pull text directly from the file regardless of permissions.

If your threat model is "ordinary users do not casually print", permissions work. If your threat model is "no one ever extracts content", permissions are not enough.

Setting permissions

Adobe Acrobat Pro. File → Properties → Security → Security Method: Password Security. Set owner password and check/uncheck permissions.

Foxit PDF Editor. Protect → Password Protect.

qpdf:

qpdf --encrypt user_pw owner_pw 256 \
     --print=none --modify=none --extract=n \
     --enter -- input.pdf restricted.pdf

The --print=none --modify=none --extract=n flags set specific permissions.

Ghostscript:

gs -sDEVICE=pdfwrite -dEncryptionR=6 -dKeyLength=256 \
   -sOwnerPassword=owner_pw \
   -dEncryptedFonts=true \
   -sOutputFile=restricted.pdf input.pdf

Permission combinations

Common combinations:

Read-only PDF distributed externally.

• Allow: viewing, screen reader access
• Restrict: printing, modifying, copying, annotations, signing
• Use case: distributing branded materials where you want recipients to see but not reuse

View and print only.

• Allow: viewing, low-res printing, screen reader access
• Restrict: copying, modifying, annotations
• Use case: distributing documents for physical reference

Form-fillable but locked.

• Allow: form filling, signing
• Restrict: content modification, page extraction, annotations
• Use case: invoices, contracts, applications

Full open.

• Allow everything
• Use case: internal collaboration

Common gotchas

Permissions on un-encrypted PDFs. A PDF without encryption has no enforceable permissions. Setting "do not allow editing" on an unencrypted file is hopeful, not protective.

Empty user password. If only the owner password is set, the file opens for anyone. Permissions still apply, but anyone can request the file's permissions lifted by a tool that uses the empty user password.

Mixed-version compatibility. Older readers may not honor newer permission flags. A "do not allow extraction" flag introduced in PDF 1.5 is ignored by readers from 2002.

Re-saving strips permissions. Some readers strip permissions when they re-save the file (especially if they cannot satisfy the requested level of encryption). Verify permissions persist after editing.

Permissions invalid after edit. Editing the file with the owner password changes its content; permissions are re-encoded on save but may be reset to defaults depending on the tool.

Copy via screenshot. A user can always screenshot the page. Permissions cannot prevent the user from seeing the content; they only restrict the file's own controls.

Search engines. Search engines indexing PDFs do not necessarily honor copy permissions. Content from a "copy disallowed" PDF can still appear in search snippets.

Permissions vs DRM. PDF permissions are different from full DRM systems (Adobe Experience Manager, FileOpen, etc.) that enforce restrictions at the application level rather than just as flags in the file.

When permissions are the right tool

Use permissions when:

• The threat model is casual misuse, not determined extraction
• You want a clear visual signal in compatible readers (the file appears restricted)
• You want to discourage accidental modification
• You want to communicate intent ("do not print", "do not modify")

Do not use permissions when:

• Confidentiality is critical, use real encryption with a strong user password, not just permission restrictions
• The recipient is technically sophisticated and motivated
• Legal compliance depends on enforcement (permissions are not strong enough)
• You need to revoke access later (PDF permissions are forever once the file leaves your hands)

For real confidentiality, see PDF encryption explained, how to password protect a PDF, and AES-128 vs AES-256 PDF encryption.

When you need stronger protection

For high-stakes documents:

• Strong user password. Make recipients need the password to even open. They cannot share without sharing the password.
• Watermarking. Per-recipient watermarks help trace leaks. See how to add a watermark to PDF.
• Tracking. Use a document tracking service (Adobe Experience Manager, Vitrium, FileOpen) that logs each access and allows revocation.
• Print restrictions in DRM. Real DRM enforces at the viewer level, not just as a file flag.
• Air-gapped distribution. Some workflows require recipients to view in a secure portal, with no download.

The right answer depends on the threat model.

Accessibility and permissions

PDF permissions include "Content Accessibility Enabled", explicitly allowing screen readers to access content. Modern best practice is to always allow this, even when restricting other operations:

• WCAG and PDF/UA expect accessibility access
• Disabling accessibility access can constitute discrimination
• Most readers ignore this flag for screen reader use anyway (it is considered a fundamental right)

Acrobat Pro's permission dialog has this checkbox; leave it checked. See PDF accessibility guide.

Reviewing a PDF's permissions

To inspect:

• Adobe Acrobat / Reader. File → Properties → Security tab. Shows what is allowed and restricted.
• qpdf --show-encryption file.pdf lists the encryption and permission settings.
• pdfinfo file.pdf shows summary including encryption status.

For a PDF you receive, this tells you what restrictions are claimed. Whether those restrictions are actually enforced depends on your reader.

Removing permissions you have rights to

If you have the owner password (or no user password is set and you want to lift restrictions for your own file):

qpdf --decrypt --password=owner_pw input.pdf output.pdf

The output is a permission-free PDF. Use only on files you own.

For removing permissions from third-party files, you need legal authorization. See how to remove a password from a PDF.

Practical recipe

For a "read-only" external PDF:

1. Open in Acrobat Pro
2. File → Properties → Security
3. Security Method: Password Security
4. Set owner password (do not set user password if you want anyone to be able to open)
5. Choose 256-bit AES
6. Restrict: printing (Low Resolution), modifications (None), copying (None), annotations (None)
7. Allow: accessibility access
8. Save as a new file
9. Test in a different reader to verify restrictions

For a "form-fillable but locked" PDF:

1. Same as above
2. Restrict: modifications (Form filling and signing only), other restrictions per need
3. Allow: form filling and signing
4. Save and test

Takeaway

PDF permissions are advisory restrictions that most readers honor and any determined user can defeat. They are useful for communicating intent and preventing casual misuse, not for guaranteeing confidentiality. For real protection, combine permissions with strong encryption, a real user password, watermarking, and (for highest stakes) full DRM. For browser-based permission setting, Docento.app handles common configurations without installing tooling. For more on the broader security picture, see PDF encryption explained and PDF and zero-trust document security.