[3106] in WWW Security List Archive


Re: New and destructive word macro virus

daemon@ATHENA.MIT.EDU (Daniel LaLiberte)
Fri Sep 27 13:59:20 1996

Date: Fri, 27 Sep 1996 11:10:23 -0500 (CDT)
From: Daniel LaLiberte <liberte@sdgmail.ncsa.uiuc.edu>
To: hallam@ai.mit.edu
Cc: www-security@ns2.rutgers.edu
In-Reply-To: <9609270534.AA29361@etna.ai.mit.edu>
Errors-To: owner-www-security@ns2.rutgers.edu

 > > I don't think macro 
 > >virus postings are inappropriate here, since Word docs are frequently 
 > >obtainable through websites.

hallam@ai.mit.edu writes:
 > Macro viruses and viruses in general are entirely inappropriate for this 
 > list which was set up to discuss web security protocols. 

I disagree on a couple counts.  The existence and severity of this
kind of problem is at least important to be aware of.  If the use of
Word documents on the web is widespread (I don't know) then it becomes
an important issue here even if that use is only for a single
platform.  But in fact, the issue applies to both Windows and
Macintosh platforms.  There really ought to be Word viewers for X
(maybe there are).  However, the details of the macro viruses are not
particularly important here.

There are plenty of similar concerns regarding Java and JavaScript,
which are very much cross platform.  PostScript has similar potential
problems, as you point out.  There is so much power (and scalability)
in client-side execution of code obtained via the web that this issue
will keep popping up in many ways.

 > The only Web security issue that arises is mechanisms to filter out
 > such formats at firewalls.

That is one way of dealing with the problem, but not the only way.  We
could also stress the use of safe viewers, and safe execution
environments.  E.g., is there much value in Word macros when only
viewing documents?

--
Daniel LaLiberte (liberte@ncsa.uiuc.edu)
National Center for Supercomputing Applications
http://union.ncsa.uiuc.edu/~liberte/
