Re: Yes..., I can destroy your system!

On Mon, 2003-01-20 at 22:09, Derek Martin wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sun, Jan 19, 2003 at 02:58:41PM -0800, zhiren wrote:
> > Really interesting! Let me prove it, so you can see it for yourself:
> > 
> > 1. Let's create a file named asdf in your home folder;
> > 2. Then (1) start OpenOffice, (2) Alt-T-M to open the macro dialog,
> > and enter this code:
> >       Sub AViciousCode
> >          Shell( "rm -rf ./asdf",2)
> >       end sub
> > 3. Now run it to see your asdf file has gone!
> 
> That's kinda ugly.  You should post this to bugtraq, if you haven't
> already.
> 

This only works if you are using OO under Linux/Solaris, but I think
it should be trivial to implement something that can detect the operating
system, though.

The only solution that is neither "do not execute macros at all" nor "look
at all the macros in this 2000-macro document" is to parse macros as they
are executed. If the macro attempts to write to the filesystem (or read,
maybe in a directory other than the one specified by the user to use in
the current document session), stop it and notify. Even better, the
parser could recognize some common patterns (such as rm -rf), and notify/stop
macro execution.

Programs of that complexity should be executed in a sandbox environment,
I think.

neugens




-- 
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
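
A sketch of the check proposed in the message above, as an added example that is not part of the original post and not OpenOffice code: a gate that a macro interpreter could call before running a Shell() command, refusing destructive commands and paths outside the document session directory. The function names, the deny-list and the session directory are assumptions made for illustration.

```python
import os
import re
import shlex

# Hypothetical deny-list of commands a document macro should not be running.
DESTRUCTIVE = {"rm", "rmdir", "dd", "mkfs", "shred", "mv", "chmod", "chown"}
# Extracts the first string argument of a Basic Shell("...") call.
SHELL_CALL = re.compile(r'\bShell\s*\(\s*"([^"]*)"', re.IGNORECASE)

# Constructed sample input: the macro quoted in the thread.
SAMPLE_MACRO = '''Sub AViciousCode
   Shell( "rm -rf ./asdf",2)
end sub'''


def inside(path, session_dir):
    """True if path, resolved relative to session_dir, stays inside it."""
    base = os.path.realpath(session_dir)
    target = os.path.realpath(os.path.join(base, path))
    return os.path.commonpath([base, target]) == base


def check_shell_call(command, session_dir):
    """Return (allowed, reasons) for one command a macro wants to run."""
    try:
        argv = shlex.split(command)
    except ValueError:
        return False, ["unparseable command line"]
    if not argv:
        return False, ["empty command"]
    reasons = []
    if re.search(r"[;&|`$<>]", command):
        reasons.append("shell metacharacters")
    prog = os.path.basename(argv[0])
    if prog in DESTRUCTIVE:
        reasons.append(f"destructive command: {prog}")
    for arg in argv[1:]:
        # Treat every non-option argument as a path and confine it.
        if not arg.startswith("-") and not inside(arg, session_dir):
            reasons.append(f"path outside session directory: {arg}")
    return (not reasons), reasons


def audit_macro(source, session_dir):
    """Check every Shell() call in macro source: (command, allowed, reasons)."""
    return [(cmd, *check_shell_call(cmd, session_dir))
            for cmd in SHELL_CALL.findall(source)]
```

A deny-list like this only catches the common patterns the message mentions; the path confinement and the sandbox suggested at the end of the message are what limit a command the list does not know about.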
