LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

security issues with macros

security issues with macros

Posted Mar 17, 2006 13:38 UTC (Fri) by eru (subscriber, #2753)
In reply to: security issues with macros by kingdon
Parent article: Novell goes for the desktop

Even a dialog box saying "this document contains macros? do you want to run them?", which might not be the ideal user interface, would still be better than nothing.

I guess you have not looked at the real MS Office recently... It has precisely this kind of dialog. (I am not entirely sure if it is enable by default, or comes from local default settings used in the company I work at). Anyway, it does not seem to help security much. So many spreadsheets flying around in the company (I suspect in most other companies as well) have macros that people click OK at the "execute the macros" dialog automatically. So it is totally useless.

What is really required is having the macros execute only within a tight securiy sandbox, where they cannot modify anything except the document they are part of. This would be OK for most uses of the MS Office macros. I don't know if Novell plans to do so, but anything else will import the MS Office macro virus nighmare to Linux.

(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.