Hi,
On 06/29/09 11:59, Malte Timmermann wrote:
Well,
first - OOo already remembers the document specific password in memory
while the document is open. There is no API for getting the password, so
someone would need to have access to the raw memory to find it somewhere
- not very likely. The password is not stored persistently somewhere.
But I agree that there is a possibility to retrieve the password, and I
guess this could be fixed quite easily with encryption via some session
key. If you like, let's discuss this in the security project,
http://security.openoffice.org/
I am not sure that encryption of the password would really help. The
problem is the following, to encrypt it with the session key, we have to
have the key in the memory ( or at least the way it is generated should
be good known ). As result the password in the memory is just replaces
with more keys in the memory, that have to be retrieved to decrypt the
document. Although it would need more actions, I do not think that
somebody who got access to the memory and was able to read the password
would not be able to read more keys. Please correct me if I have
misunderstood something.
Best regards,
Mikhail.
PS: I have redirected the discussion to disc...@security.openoffice.org
second - you normally don't send raw data to some company. OOo doesn't
use raw data for crash reports, and Windows FWIK also doesn't send such
data. Would be some 100MB of data you would need to send out via the
normally quite small upload bandwidth you have.
In the end - would be fixed with the encryption suggested above.
third - to come back to Alexanders question:
I wouldn't introduce such seldom used feature to OOo, which makes things
unnecessarily complicated (more code and more GUI).
Right now, you don't have to provide the password when you loaded a
password protected document, and simply use Save instead of Save-As.
For versioning you might want to use the built-in versioning, see
File/Versions... OOo won't ask you for the password when creating a new
version.
Malte.
tora - Takamichi Akiyama wrote, On 06/26/09 16:23:
Hi,
Alexander Ritter wrote:
> It's all said by the title: I would prefer a new option box in the save
> dialog where the user can specify to take the old password to save the
> document with instead of typing a new one or even the same old password
> twice again. A nice tool for versioning e.g. confidential documents!
>
> Precondition - of course - would be that the actual document was already
> saved using a password. Otherwise the option box has to be disabled.
That would be a nice feature to achieve needs that you mention.
To securely implement it, we might need additional feature such as handing with
a master pass-phrase to encrypt the password that a user types to open the
document file.
It comes from a technical reason.
1. A user tries to open a password protected document file.
2. An application prompts the user to enter a password.
3. The application opens the file with the password.
4. The application memorizes the password somewhere.
5. The user revises the document.
6. The user tries to save the document.
7. The application retrieves the password which has been kept somewhere.
8. The application save the document with the password.
9. The user close the document.
10. The application erases the password.
The password could be leaked during the step 2 to 10 since the password should
be physically stored in a system memory, disk device or something else. If the
password is stored without encryption, it could be leaked.
You might have experienced this type of behavior of one operating system.
1. The operating system (OS) finds that an application crashes.
2. The OS asks the user if the OS can send data to their laboratory
via the Internet for investigation.
3. If the user answer 'Yes' to the OS, the OS sends data which might
includes the password stored in the memory.
If the password is stored in a disk device, there would be a chance to directly
read it using a special tool, although the file is protected with a permission
managed by the OS.
I guess, that would be the primary reason why most application do not have the
feature that you are proposing.
Any good idea?
Regards,
Tora
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.org
For additional commands, e-mail: dev-h...@openoffice.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.org
For additional commands, e-mail: dev-h...@openoffice.org
