Joe Smith wrote: > I could see that training someone to "just open this document/template", > with the document-specific macros being automatically loaded, would be > vastly preferable to training for a multi-step, manually load the macros > procedure. ISTM that when macros are loaded automatically on opening a > document, it doesn't make a vast difference whether they're loaded from > the document or an external site. If the document is secure then either > scenario can be safe. If the document is not secure, then neither > scenario is safe: loading from an external site is not safe if the > document can be modified to load the macros from the bad guy's site.
Fortunately that's not possible. Macros can be loaded only from the paths that are determined by the local configuration. This includes share and user directory and extensions. > Is there currently any mechanism to know whether or not the macros in a > document have been modified? Can the macros be write-protected or signed > somehow? Yes, signing is possible (I mentioned that several times ;-)). Ciao, Mathias -- Mathias Bauer (mba) - Project Lead OpenOffice.org Writer OpenOffice.org Engineering at Sun: http://blogs.sun.com/GullFOSS Please don't reply to "[EMAIL PROTECTED]". I use it for the OOo lists and only rarely read other mails sent to it. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
