Changeset 3


Ignore:
Timestamp:
01/05/09 14:59:25 (11 years ago)
Author:
sander
Message:

Fix some typos

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/doc/odf-shots-proposal.tex

    r2 r3  
    3333\section{Security} 
    3434 
    35 There are three security issues to consider with the ODF-Shots project. First, documents that were uploaded by authors should be treated in a private manner. While it is never recommended that authors upload confidential documents to a public web service, authors should be reasonably secure that only the processing clients and not the entire world can access their documents or the rendering results. The second security issue are macro viruses and other malware that can be embedded inside ODF documents. Processing clients should be reasonably secure that the documents they are processing will not harm their servers or contribute to the spread of malware. The third and last security issue are denial of service attacks. 
     35There are three security issues to consider with the ODF-Shots project. First, documents that were uploaded by authors should be treated in a private manner. While it is never recommended that authors upload confidential documents to a public web service, authors should reasonable be able to assume that only the processing clients and not the entire world can access their documents or the rendering results. The second security issue are macro viruses and other malware that can be embedded inside ODF documents. Processing clients should be reasonably secure so that the documents they are processing will not harm their servers or contribute to the spread of malware. The third and last security issue are denial of service attacks. 
    3636 
    3737\subsection{Privacy for authors} 
     
    4545\subsection{Malware protection} 
    4646 
    47 All documents that are uploaded to the central server should be scanned for known viruses before they are put in the various processing queues. If the document contains a virus or other malware then the job should be denied and the author notified. Processing clients are encouraged to scan the document themselves as well before processing them. As an extra measure of protection the processing client can simply disable support for embedded scripts, or scripts can be stripped from the document in its entirety either by the central server or by the processing client. It has yet to be determined if disabling or removing scripts is optional or mandatory and under which circumstances. 
     47All documents that are uploaded to the central server should be scanned for known viruses before they are put in the various processing queues. If the document contains a virus or other malware then the job should be denied and the author notified. Processing clients are encouraged to scan the document themselves as well before processing them. As an extra measure of protection the processing client can simply disable support for embedded scripts, or scripts can be stripped from the document in its entirety either by the central server or by the processing client. It has yet to be determined if disabling or removing scripts is optional or mandatory and under which circumstances this should occur. 
    4848 
    4949\subsection{Denial of service} 
Note: See TracChangeset for help on using the changeset viewer.