Issue 21324

Summary: Q-PCD Security-18: Fine Grained Macro Security
Product: udk Reporter: kay.ramme
Component: codeAssignee: AOO issues mailing list <issues>
Status: ACCEPTED --- QA Contact:
Severity: Trivial    
Priority: P3 CC: issues, le.farfadet.spatial, maison.godard
Version: OOo 1.0.0   
Target Milestone: AOO PleaseHelp   
Hardware: Other   
OS: All   
Issue Type: FEATURE Latest Confirmation in: ---
Developer Difficulty: ---

Description kay.ramme 2003-10-16 14:45:31 UTC 
Product Requirement 
OOo should allow to restrict the level of access that components and scripts
have. The configuration granularity has to at least distinguish between a
document only, file, network or no access/execution. If some code tries to do an
action that is not permitted a prescriptive error message should be shown that
explains why the code could not be executed and what configuration options
prevented the action.

Customer Need/Problem
Administrators and users want to configure what resources (network, operating
system, etc.) a user can programmatically access.


Product Concept
Authorization ? Control what scripts and components are allowed to do when
running [High Cost, High Risk]  Need to control not just what scripts are run,
but what they can do when they are running. To do this you must ensure all
scripts are run with a suitable security context that will restrict OOo
application API calls, UNO API calls and Java API calls, according to the
security profile settings for the script source. At the minute both UNO and Java
are bootstrapped with an appropriate security context, but the OOo application
APIs are not making any security checks against UNO before they make any
security sensitive calls. These security checks will need to be implemented for
all of the applications and is a considerable amount of work.
Comment 1 lutz.hoeger 2003-10-23 07:45:41 UTC 
added keyword Q-PCD
Comment 2 maison.godard 2003-11-18 10:55:45 UTC 
Adding myself to CC
more to come ;-)

Laurent
Comment 3 farfadet 2003-11-19 16:37:06 UTC 
Adding myself to CC.
Comment 4 utomo99 2004-01-08 09:26:15 UTC 
questions: we must think the best setting for default. which is safe enough but
not make user dificult. I think many people mostly didnt change their setting if
not necessary. and mostly will feel not necessary to change the setting unless
user which know more about computer/security maybe will change it.
Thanks
Comment 5 kay.ramme 2004-01-14 13:49:04 UTC 
Malte, please take care of this.
Comment 6 malte_timmermann 2004-01-15 13:11:25 UTC 
I will take care for that...
Comment 7 malte_timmermann 2004-06-16 12:31:23 UTC 
DL agreed to retarget.
Only authentication (#i21596#) will make it into OOo2, which is the base for this.
Comment 8 Mathias_Bauer 2006-12-07 17:14:27 UTC 
changed component to "udk", seemed to be the best fit
Comment 9 alex.thurgood 2006-12-09 18:47:21 UTC 
To whomsoever it may concern : I do not like my votes being deleted without an
explanation why ? Please don't do it, unless someone has a valid reason for
doing so and informs me thereof. I see nothing here in recent exchanges that
explains this change.

Alex
Comment 10 kay.ramme 2006-12-13 15:25:39 UTC 
Alex, actually I didn't even know, that votes of others could be deleted. But
may Malte could shed some light on this, Malte?
Comment 11 maison.godard 2006-12-13 15:29:23 UTC 
alex, this is due to Mathias changing the component (2 comments above)
you should have receive an email notifying it