Security/Hardened Office Installation

From Apache OpenOffice Wiki
Jump to: navigation, search

The idea about a "Hardened Office Installation" came up in discussions with Eric Filiol & Jean-Paul Fizaine.

In a special installation/configuration, more security features and more security checks might be available.

This list include things like

  • Digital Signatures also for application macros installed with OOo (currently digital signatures are only used for macros in documents)
  • Do not install additional scripting engines, like python for example
  • Lock certain user configuration, like macro security level
  • Add hash values in all ODF documents, check on loading

Digital Signatures also for application macros

This is mainly to stop easy to achieve viral effects.

Somebody who can manipulate the macros in the office installation already has access to the system, and could manipulate anything, not only the OOo macros. The "primo infection" has already happened, and the system is compromised. But of course, manipulating macros is much easier than manipulating system binaries or configurations, and with OOo running on many different platforms, the malicious code also can be multi platform quite easily.

Retrieved from "https://wiki.openoffice.org/w/index.php?title=Security/Hardened_Office_Installation&oldid=133811"
Personal tools