Mailinglist Archive: opensuse-security (685 mails)

< Previous Next >
Re: [suse-security] MS Word Docs hosts security relevant metadata
  • From: Rainer Link <link@xxxxxxx>
  • Date: Thu, 7 Feb 2002 12:46:57 +0100 (CET)
  • Message-id: <Pine.LNX.4.33.0202071235080.10794-100000@xxxxxxxxxxxxx>
On Thu, 7 Feb 2002, Michael Appeldorn wrote:

> according to an article in the german computer-zine c't ms-word documents
> hosts security relevant metadata, as paths, hostnames, ip's and so on.

Oh, well, this is known for years! And it's also known for years
"Schnellspeicherung" [1] just creates a new document stream, which just
means your Word file grows really big and you can see the different "revisions"
of the Word document as it contains for each "revision" a own document
stream.

> So it seems to be a good idea to filter all outgoing mail with such attachments
> and convert automagically into pdf.

I'd suggest RTF here (real RTF files. Some macro viruses hook "save As"
and just give the word document the extension RTF. Keep in mind,
Windows/Word do not really care about the extions here). Probably antiword
may do the job. But I'm not a fried of automatic stuff here. Such a filter
is for me part of the MTA, and an MTA must not change the contant of any
mail (otherwise it would violate RFC).

Just my 0.02 cent.

best regards,
Rainer Link

[1] Excuse my ignorance. I just do not recall, how this is called in
english versions of Word. Probably "quick save"?
--
Rainer Link | SuSE - The Linux Experts
link@xxxxxxx | Developer of A Mail Virus Scanner (www.amavis.org)
www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)


< Previous Next >
References