Alan Boba wrote: > On 10/24/07, Mathias Bauer <[EMAIL PROTECTED]> wrote: >> >> >> You can't enforce "read only" behavior in an open file format. If >> somebody wanted to change your file he just can do it on the level of >> the xml streams inside the package. So such a feature is pointless. >> >> Mathias, > > I'm just guessing here so if this idea isn't workable just chalk it up to my > ignorance. Wouldn't it be possible to encrypt the document text (which I'm > presuming is between some sort of tags in the open file format) based on > whether a password had been applied. > > After all, again guessing, if the document creator chooses to apply a > password to the document isn't the password stored in encrypted form in the > open file format? I'd be quite surprised to learn that document passwords > are stored in clear text. > > If the password can be encrypted and stored then why not the document text?
The password is not stored in the file at all in OOo documents. The password is used to encrypt the file content and the content is written to the file only in this encrypted form. It can be decrypted again only with the password, otherwise it is just a bunch of bytes. But that is not related to the "read-only" feature discussion we have. My point is that you can't enforce a "read-only" behavior as this is not something in the file at all, it's a pure UI feature. There is a flag in the document that tells the application "disable all functions that can modify the document". But there's nothing that prevents direct access to the document itself. And if the file format is open, everybody can change the file and so circumvent its logical "read-only" state. Ciao, Mathias -- Mathias Bauer (mba) - Project Lead OpenOffice.org Writer OpenOffice.org Engineering at Sun: http://blogs.sun.com/GullFOSS Please don't reply to "[EMAIL PROTECTED]". I use it for the OOo lists and only rarely read other mails sent to it. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
