I didn't expect this to be as 'Horrifying' as it was. Has anyone written a script yet to identify whether or not a given PDF contains executable script?
QubesOS has a "TrustedPDF converter" [0] that sanitizes a PDF to the extreme level for ultimate security - it converts the entire PDF to RGB pixmaps in an isolated virtual machine. The author has a blog post at [1]. Obviously you lose the ability to use the menu, search, copy or paste, but it's as 0day-proof as you can get for a horrifying file format.
