Difference between revisions of "Security/Hardened Office Installation"
| Line 8: | Line 8: | ||
| − | == Digital Signatures also for application macros == | + | == Digital Signatures also for application macros == |
| − | This is mainly to stop easy to achieve viral effects. | + | This is mainly to stop easy to achieve viral effects. |
| + | |||
| + | Somebody who can manipulate the macros in the office installation already has access to the system, and could manipulate anything, not only the OOo macros. | ||
| + | The "primo infection" has already happened, and the system is compromised. | ||
| + | But of course, manipulating macros is much easier than manipulating system binaries or configurations, and with OOo running on many different platforms, the malicious code also can be multi platform quite easily. | ||
Revision as of 12:42, 2 July 2009
The idea about a "Hardened Office Installation" came up in discussions with Eric Filiol & Jean-Paul Fizaine.
In a special installation/configuration, more security features and more security checks might be available.
This list include things like
- Digital Signatures also for application macros installed with OOo (currently digital signatures are only used for macros in documents)
Digital Signatures also for application macros
This is mainly to stop easy to achieve viral effects.
Somebody who can manipulate the macros in the office installation already has access to the system, and could manipulate anything, not only the OOo macros. The "primo infection" has already happened, and the system is compromised. But of course, manipulating macros is much easier than manipulating system binaries or configurations, and with OOo running on many different platforms, the malicious code also can be multi platform quite easily.
