OpenOffice security

Sami Rautiainen F-Secure

OpenOffice security

OpenOffice, the open office suite is available for Linux, Windows and Solaris, with the other platforms like MacOS X under development. It has reached the production version 1.0, being already the most popular office suite for Linux.

This paper discusses the security model of OpenOffice - the environment and restrictions that are provided for executable content such as macros and embedded objects. The paper also examines the features of the native macro language and the XML file format used by OpenOffice.

The OpenOffice feature set is similar to the feature set of Microsoft Office. It has word processing, spreadsheet and presentation applications all tied together within a common look and feel.

OpenOffice has a built-in macro language and a support for both JavaScript and Java applets. Looking at these features, the question arises: how secure is OpenOffice? Have OpenOffice developers taken into account the pitfalls shown by the history of the Microsoft Office or is OpenOffice the next victim of the abuse of macro viruses?

 del.icio.us  digg this! digg this

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

VB100 certification
VB100 This month's VB100 test saw some major changes and a radical overhaul of the VB100 test methodology - for the first time allowing products to use their 'cloud' look-up systems. John Hawes has all the details.
See full results.

Virus Bulletin currently has 224,243 registered users.