Re: Read-only mode: security properties

On 07.06.2017 21:13, Björn Ruytenberg wrote:
> Hello,
>
> Having read through some of the LO documentation [1] and bug 80538 [2], 
> it is my understanding LO's read-only mode is intended to prevent 
> document edits.

yes.

> Particularly interesting to me is its intended purpose regarding 
> security. In Microsoft Office, the "Protected View" sandbox prevents any 
> active content from being loaded [3], e.g.
> - Embedded ActiveX/COM controls
> - Hyperlinks (i.e. these are not clickable)
> - VBA macros
>
> One case in which the Office "Protected View" is triggered is when 
> opening a document downloaded from a remote server. The user may then 
> decide to disable the sandbox by clicking "Edit document".
>
> In LibreOffice, the same use case appears to trigger "read-only" mode, 
> also while showing a "Edit document" button. This would seem to suggest 
> similar behavior to "Protected View", in that some protections may be 
> provided. Unfortunately, I have not been able to find any LO 
> documentation to confirm this. Can anyone give me some pointers and/or 
> indicate where I could read up on this topic?

i don't think that "read-only" was intended as a security mode.

there is a "Macro Security" setting in
Tools->Options->LibreOffice->Security that can be used to disable BASIC
or whatever macros being executed, and there are settings about clicking
on hyperlinks in the "Security Options and Warnings" dialog - i don't
expect any of these settings to depend on the read-only status of the
document.

LibreOffice used to support NPAPI plugin content embedded in documents,
but that was removed recently due to general obsolescence of NPAPI
plugins and particularly wrt. security, Adobe's Flash NPAPI plugin
approaching EOL.

oh, the user is unable to activate OLE objects embedded in the document
in read-only mode, i guess you could call that an accidental security
feature... alas if you right click on them you get an "Edit" item that
switches the document to editable, so maybe not.