
Protect Yourself from Windows Applications #80
Chapter 9, Administration and Automation
|
245
HACK
Microsoft Word, the script will delete the temporary copy of dangerous.doc
from /home/jail/Documents. (This is why you made the
/bin/rm command
available to the
jail user. It’s not a necessary step, so you can modify
sudoers and the script accordingly, but it does keep the /home/jail/
Documents directory uncluttered.)
This is definitely not a good technique for viewing personal
or company documents. Even though the script deletes the
document after you are done viewing it, the document
remains in the
Jail directory as long as you have it open.
During this time, anyone has the capability to read the docu-
ment you have open, and they can even save a private copy
for themselves. So, reserve the use of this for documents that
are coming from an unknown or untrusted source.
Automating Wordview in Mozilla
Not every application makes it possible to customize what action it will take
when it opens a Microsoft Word document. Some applications that do make
it possible don’t make it easy.
But it should be easy for Mozilla users. The next time you come across a
Word document while browsing a web page, you can adjust what Mozilla
does when you click Word document links. When you click a link to a
Word document, you should get a dialog box that asks you what to do
(Figure 9-2). Tell Mozilla to open the document with /usr/local/bin/ ...