On Wed, 16 Aug 2006 16:09:47 +0000 [EMAIL PROTECTED] wrote: > Chad wrote: > > > Remember, we are talking about OpenOffice.org - not Linux. Remember, the > > problem that he article brings up about OpenOffice.org is that macros, > > which can be set up to activate merely by opening a document, can control > > your > > system. > > OK, lets go back to that proof of concept virus. > > * The end user has to obtain the document from an unknown source. > * The user has to put that document into a directory which automatically > gives macros permission to run; > * They have to have changed the default security setting to "Low"; > * They have to open the document; > * There platform must contain either _no_ firewall, or one that does not > block any outgoing processes, and also does not block programmes from > opening other programmes; > > The "Security flaws" that the French DOD is concerned about exist only > when the user changes the defaults. > > >I'm not security expert - but I would have never thought opening a word > >processing file could hurt my computer. > > It shouldn't, and under the default security mode of OOo, it won't. > > It is only a theoretical security flaw, not a practical one. > > xan > > jonathon
maybe I'm missing something, but surely all this would only have user privileges unless you had specifically opened OO as root, so surely damage would be limited to the users directory. -- Will J G --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
