Joe Smith wrote: > I have no information at this point--none--with which to make a rational > decision other than to disable the macros because that's "always safe."
Isn't that the default for OOo? > desired, but severely flawed "industry practice" of easily embedding > macros in documents and then dumping the responsibility on the user. Macros can either be contained within the document, or in a separate container that can be given to others as a separate file. I'm not sure how easy it will be to segregate out macros into their own container, with the current implementation of OOo.In the long term, this would be a more secure option. > OOo can and should do better--and until a better strategy is available, > the default should be all macros off, no questions asked. Isn't that the current default? I don't remember configuring that option. Every time I open a document that contains a macro, I am asked if I want to enable macros. > C) provide a distinct facility that would allow the macro > writer to manipulate the open document, and nothing else, One practical issue with that approach. I've got a macro that converts ODF format to Duxbury File Format. With your proposal there is nowhere for the output of that macro to be placed. I've got another macro that opens a file in Duxbury file format, converting it to ODF in the process. With your proposal that macro could not run. Note: The ODF to/from macros are not yet functional. I'm using it as an example for a very specific reason. > Maybe these are foolish or technically unrealistic, but there must be > something we can do beyond defending the status quo. I think throwing the macros into a container, that can be transmitted to others as an additional file, is the most secure solution. It can be done, it does require recoding some of the functions within OOo. It might also require a change in the specifications of the ODF format. xan jonathon --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
