Chad Smith wrote: > Remember, we are talking about OpenOffice.org - not Linux. Remember, the > problem that he article brings up about OpenOffice.org is that macros, > which > can be set up to activate merely by opening a document, can control your > system.
CAN BE set up to automatically run macros. This is not the default. Get over yourself. > Now, I'll admit it's been a couple months since I've used > OpenOffice.org on > Linux (I use OOo on Windows, NeoOffice on Mac primarily), but I don't > recall > having to enter in a root password to open a document. Please correct > me if > I'm wrong on that. OK then. You're wrong. You can only open & modify files that you, as the current user, have access to. I can't log in as myself and modify files that only root has permission to modify. I don't remember how Apple has set things up, but I do know that OpenOffice runs with the current user's permissions, and not root's, so please try to stick to the facts. > If malicious code can be executed merely by opening a document - that's a > problem. > > People in this thread have said that if you open a document from an > unknown > source, you deserve whatever happens to you. People have said that > it's a > fundamental security practice and common sense not to open a document > from > someone you don't know. "Don't take data from strangers" kind of thing. > > Here's the problem - it's a text file. It's a document. It's words and > pictures. It's not a program. I'm not security expert - but I would > have > never thought opening a word processing file could hurt my computer. > Especially in Linux or Mac. Especially if the file is in an "open > international ISO format". Apparently, I was wrong. But I'm probably > not > the only one who felt safe opening what is the electronic equivalent of a > piece of paper. I don't think so. If people haven't gotten their heads around macro viruses by now, then I agree with others that they deserve what they get. Users have demanded that office packages have scripting support. I'm sure you're one of these users. Users will have to deal with the issues that scripting support raises. My installation of OpenOffice comes with macro security set to 'medium', which requires user confirmation before running macros. I don't see a problem here. If some people want macros, and other people want security, then this seems to be the only sensible solution. At this point I should bring another topic of recent discussion into the mix. Aren't you Chad - the same Chad that always argues for integrating everything under the sun in one package? So are you now saying you want everything under the sun, apart from scripting, because some user might be running OpenOffice as root, and receive an OpenOffice attachment with a macro virus, and they might have either disabled macro security completely, or have hit 'run macro' when the security dialog appears, and this oh-so-remote possibility is such an affront to common decency that clearly OpenOffice shouldn't have scripting capability? Chad, I've said it once, and I'll say it again: Your posts can only be understood in the context of trolling. -- Daniel Kasak IT Developer NUS Consulting Group Level 5, 77 Pacific Highway North Sydney, NSW, Australia 2060 T: (+61) 2 9922-7676 / F: (+61) 2 9922 7989 email: [EMAIL PROTECTED] website: http://www.nusconsulting.com.au --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
