Hi Allen, > That's easy to find. There are only about a dozen matches in the source > code for RestrictedPath and RestrictedPaths ;-)
:) > On Windows XP, you have both "system variables" and "user variables". If > both values are set, the user value overrides the system value. In fact, I > just tried this, setting two different values for RestrictedPath, one in a > system variable in the other in a user variable, and OOo used the user > value. Let me say it this way: The concept clearly has it flaws, but it was a sufficient for the target audience at the time it was implemented. Please consider that the whole feature is not (and was never intended to be) a security feature, but more a convenience thing. You can always find ways to break out of the box provided by the RestrictedPaths (e.g. you can put an URL into a text document and click onto it). It's really an UI thing only. If one wanted to make this error-prove, a completely different approach would be needed, hooking into the UCB which provides low level access to file/contents. Ciao Frank -- - Frank Schönheit, Software Engineer [EMAIL PROTECTED] - - Sun Microsystems http://www.sun.com/staroffice - - OpenOffice.org Database http://dba.openoffice.org - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
