incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <dennis.hamil...@acm.org>
Subject RE: [ooo-user] was RE: users@openoffice.org [Was: Re: [Discussion] dev@openoffice.org]
Date Wed, 31 Aug 2011 20:56:13 GMT
When's the last time you heard of malicious code in a Microsoft Office file?  No recent version
will run macro code without warning and default disabling on load.  I would expect mail clients
to also be circumspect about allowing direct opening of document files provided as attachments.

I think the recommendation for those, for the wary, would be to allow Zip and encourage people
to package anything simpler than an image that way.  Of course images and PDFs have exploits
too.

Perhaps the truly-safe cases are only text and zip?

I don't know about you, but I also only receive e-mail in plaintext.

 - Dennis

-----Original Message-----
From: Eike Rathke [mailto:ooo@erack.de] 
Sent: Wednesday, August 31, 2011 12:46
To: ooo-dev@incubator.apache.org
Subject: Re: [ooo-user] was RE: users@openoffice.org [Was: Re: [Discussion] dev@openoffice.org]

Hi Marcus,

On Wednesday, 2011-08-31 20:56:16 +0200, Marcus (OOo) wrote:

> For ooo-support@ files like doc, xls, ppt, odt, ods, odp will be
> most important.

I'd certainly not allow MS binary files as potential malicious code
carriers.

> But also jpg, png, gif for screenshots could be
> important. Additionally maybe pdf.

pdf is fine.

  Eike

-- 
 PGP/OpenPGP/GnuPG encrypted mail preferred in all private communication.
 Key ID: 0x293C05FD - 997A 4C60 CE41 0149 0DB3  9E96 2F1A D073 293C 05FD


Mime
View raw message