LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

The current development kernel is...linux-next?

Notes on the Viacom ruling

LWN.net Weekly Edition for July 3, 2008

More DTrace envy

LWN.net Weekly Edition for June 26, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Macro virus for Staroffice discovered (Techworld)

Macro virus for Staroffice discovered (Techworld)

Posted May 31, 2006 18:48 UTC (Wed) by dwheeler (subscriber, #1216)
Parent article: Macro virus for Staroffice discovered (Techworld)

I see no evidence that this virus can attack current systems. But if it could, one solution to virus propagation is diversity. If there were multiple ODF readers, it was reasonable for users to pick any one of them, and there was a virus attack that worked against one, it's less likely to work against others.

Oh look, there are multiple implementations, and the format is designed to encourage multiple interoperable implementations. Looks like ODF is the solution, not the problem.

(Log in to post comments)

Macro virus for Staroffice discovered (Techworld)

Posted May 31, 2006 21:34 UTC (Wed) by Ross (subscriber, #4065) [Link]

That would only work if it is taking advantage of a bug in a particular implementation. It could be (I have no idea) that there is a fundamental weakness in the file format where, like with MS Office files, macros are allowed to edit other files without prompting the user (the startup prompt is mostly useless because people get used to saying "Yes" on every file they open).

Macro virus for Staroffice discovered (Techworld)

Posted Jun 1, 2006 0:35 UTC (Thu) by jhardin (guest, #3297) [Link]

> ... a fundamental weakness in the file format where, like with MS Office files, macros are allowed to ...

What does the file format have to do with what macros are or are not allowed to do? The file format only stores the data; it's the *application* that supports a macro language, and allows it to run amok.

Macro virus for Staroffice discovered (Techworld)

Posted Jun 1, 2006 1:02 UTC (Thu) by Ross (subscriber, #4065) [Link]

If the format dictates when the macro is executed and what it can do, it affects the security. That's my point. Otherwise it's an application bug/feature.

Macro virus for Staroffice discovered (Techworld)

Posted Jun 1, 2006 4:01 UTC (Thu) by dwheeler (subscriber, #1216) [Link]

ODF has some program-like capabilities defined (e.g., for graphs), but they are all strictly limited. The way the ODF spec is designed, I doubt there is a requirement that makes it impossible to be secure.

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.