On 05.05.21 14:37, Arrigo Marchiori wrote:
> Hello,
>
> On Wed, May 05, 2021 at 07:08:11AM +0000, Peter Kovacs wrote:
>> The best approach I believe is to add a whitelist feature as for macro
>> files.
>> Users can add then the links they wish to approve.
>
> Do you mean file-based whitelists instead of target-based?
> I will try to explain myself better: the current filter on AOO 4.1.10
> is target-based, because it is the target of the link that triggers
> the warning. Are you suggesting to add a whitelist based on files, for
> example "allow any links in documents from this directory"?
> If so, would you use the same whitelist as for macros, or would you
> introduce another one?

I do not think that it makes sense to allow
https://my.payload.crime/AOO_diskscrambler.ods to be seen as a safe target
for opening and macro execution at the same time.
Better is to have both separated. And the simple practicable solution is
to just add an own list which allows targets to be listed.
If we would want to have a vision, where we should develop to, this
would be mine:
We have One list and 2 properties. 1 property for hyperlink
whitelisting, the other one for (macro) execution. I like our 4 security
stages.
Example for a customized setup on a POSIX filesystem (security level 3 =
very high and 0 = low; first value is hyperlink, second value is macro
execution of this origin):
/tmp (3,3) => Everything in the temp folder does not open links or
execute macros
~/ (2,2) => something that is within the home path, but not a folder
listed below, may execute signed macros or open targets that have a
trusted certificate
~/Downloads (2,3) => Downloads may open Links with a trusted certificate
but not allow to execute any macros
~/onlymystuff (0,0) => these are my documents and I allow everything
possible here.
~/macro_examples (3,1) => delivered example I do not want them to
execute, but they may be not linked by another document.
ftps://securecontent.org (2,2) => links pointing to this target
are opened, and the downloaded file may execute macros if they are
signed with a trusted key.
All the best
Peter
--
This is the Way! http://www.apache.org/theapacheway/index.html
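
The single list with two levels per origin described in the message above can be resolved by longest-prefix match. The following is an added example, not part of the original message and not AOO code. The names `POLICY`, `normalize` and `lookup`, the home directory `/home/alice`, and the strictest-level default for unlisted origins are assumptions made for illustration.

```python
import posixpath
from urllib.parse import urlsplit

HOME = "/home/alice"  # constructed home directory for the sample list

# (hyperlink level, macro level) per origin, values from the message above.
POLICY = {
    "/tmp": (3, 3),
    HOME: (2, 2),
    HOME + "/Downloads": (2, 3),
    HOME + "/onlymystuff": (0, 0),
    HOME + "/macro_examples": (3, 1),
    "ftps://securecontent.org": (2, 2),
}
DEFAULT = (3, 3)  # assumption: unlisted origins get the strictest level


def normalize(origin):
    """Split an origin into (scheme://host, path); collapse '..' segments
    and lower-case scheme and host so they cannot dodge a rule."""
    parts = urlsplit(origin)
    if parts.scheme and parts.netloc:
        path = posixpath.normpath(parts.path or "/")
        return f"{parts.scheme.lower()}://{parts.netloc.lower()}", path
    if origin.startswith("~"):
        origin = HOME + origin[1:]
    return "", posixpath.normpath(origin)


def lookup(origin):
    """Return (hyperlink, macro) levels of the longest matching list entry."""
    base, path = normalize(origin)
    best, best_len = DEFAULT, -1
    for entry, levels in POLICY.items():
        e_base, e_path = normalize(entry)
        if e_base != base:
            continue
        # Match on whole path components: /home/alice/Downloads2 is not
        # inside /home/alice/Downloads.
        inside = e_path == "/" or path == e_path or path.startswith(e_path + "/")
        if inside and len(e_path) > best_len:
            best, best_len = levels, len(e_path)
    return best
```

`posixpath.normpath` is purely lexical, so a filesystem implementation would also need to resolve symbolic links before the lookup.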