https://bugs.documentfoundation.org/show_bug.cgi?id=98051

            Bug ID: 98051
           Summary: Macro Security Enhancement
           Product: LibreOffice
           Version: 5.1.0.3 release
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: enhancement
          Priority: medium
         Component: LibreOffice
          Assignee: [email protected]
          Reporter: [email protected]

Microsoft Office macros are currently used to infect PCs by sending a document
with macros. Like LibreOffice, Microsoft Office asks the user whether he wants
to execute the macros.

But there is a simple trick: the document contains text like "If the document
is not displayed correctly, enable macros".

As a standard user may not know what macros are, and especially on Windows a
lot of such warnings are displayed, there is a big chance a user clicks
"Execute Macros".

Even if I haven't heard about such an infection with LibreOffice, there should
be a security mechanism which prevents exactly this behaviour.

First we need to identify all possible security-relevant Basic methods:
* Shell: Execute a system command
  - e.g. download a file with CMD tools
  - execute a virus....

* Open Files for Writing
  - Write a Batch / Shell script in the Autorun folder of the user
  - Write an executable itself at a location where it gets executed

* Probably a lot more, please help listing them!


Here is my proposal to solve the security issues but still keep the usable
macros working. If you have a better idea: the discussion is open!

I would create a "MacroRoule.xml" with a whitelist of allowed operations:
<macroRoule>
  <writeableFiles>
    <file>/home/asdf/myWhitelistedFile.txt</file>
    <file>/home/asdf/anotherFile.bin</file>
  </writeableFiles>
  <writeableFolders>
    <file>/home/asdf/libreOfficeOutput</file>
    <file>/home/asdf/anotherFolder</file>
  </writeableFolders>

  <allowedCommands>
    <command>/usr/bin/gedit</command>
    <command>/usr/bin/nautilus</command>
  </allowedCommands>
</macroRoule>

The file has to be placed in a folder where usually only system administrators
have access to it, and it should be hidden. So if a company or a developer
needs macros, it's really easy to edit a file. For a standard user it's nearly
impossible to edit this file.

I think this would increase the security a lot, without preventing
document-editing macros from running.
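
The following sketch is an added example, not part of the original report and not LibreOffice code. It shows how the proposed whitelist could be evaluated with default-deny semantics, including the path-traversal and name-prefix cases a naive string comparison would miss. `MacroPolicy`, `may_write` and `may_run` are hypothetical names, and POSIX paths are assumed.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample: a shortened copy of the MacroRoule.xml proposed in the report.
SAMPLE_POLICY = """<macroRoule>
  <writeableFiles><file>/home/asdf/myWhitelistedFile.txt</file></writeableFiles>
  <writeableFolders><file>/home/asdf/libreOfficeOutput</file></writeableFolders>
  <allowedCommands><command>/usr/bin/gedit</command></allowedCommands>
</macroRoule>"""


def canon(path):
    """Resolve '.', '..' and symlinks so a request is compared by its real target."""
    return os.path.realpath(path)


class MacroPolicy:
    """Hypothetical enforcement helper; default-deny for anything not listed."""

    def __init__(self, xml_text):
        root = ET.fromstring(xml_text)  # policy file is admin-owned, so trusted input
        self.files = self._load(root, "writeableFiles/file")
        self.folders = self._load(root, "writeableFolders/file")
        self.commands = self._load(root, "allowedCommands/command")

    @staticmethod
    def _load(root, xpath):
        # Ignore empty elements and relative entries: only absolute paths are rules.
        texts = ((e.text or "").strip() for e in root.iterfind(xpath))
        return {canon(t) for t in texts if os.path.isabs(t)}

    def may_write(self, path):
        if not os.path.isabs(path):
            return False  # relative paths depend on the working directory
        real = canon(path)
        if real in self.files:
            return True
        # Component-wise containment, not a string prefix test, so that
        # /home/asdf/libreOfficeOutputEvil does not match libreOfficeOutput.
        return any(os.path.commonpath([real, d]) == d for d in self.folders)

    def may_run(self, executable):
        # Exact match on an absolute path; bare names would fall back to PATH lookup.
        return os.path.isabs(executable) and canon(executable) in self.commands


policy = MacroPolicy(SAMPLE_POLICY)
```

A check like this only narrows what a macro can reach: a symlink replaced between the check and the actual write would still bypass it, so the write itself has to be performed on the resolved path.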
