Preventing users from saving forms into unprotected formats

[Charles Looker]

I need to stop users from saving forms into unprotected formats, e.g. RTF
(believe it or not, my users like to mess about with form layout, creating
business interoperability problems) I have successfully intercepted the
FileSave and FileSaveAs commands. I also need to intercept the Save As
dialog which comes up for a new dialog when the file is closed, so I'm using
a BeforeDocumentClose event handler. I would like them to be able to choose
not to save, so I give them a YesNoCancel message, but I can't prevent the
regular message coming up if they click No on my message. I've put:

ActiveDocument.Saved = True

at the bottom of the event handler subroutine, but it doesn't seem to work.
The problem with the regular message coming up is that they can click Yes on
this and Save As, unintercepted and potentially into an unprotected format.

 

[Doug Robbins - Word MVP]

Maybe you need the big stick approach. However, if your application is
logically designed, users should have little reason to tinker with it. In
almost all cases, it is poorly designed applications that do not do properly
what the user want that invite tinkering.

--
Hope this helps.

Please reply to the newsgroup unless you wish to avail yourself of my
services on a paid consulting basis.

Doug Robbins - Word MVP, originally posted via msnews.microsoft.com

 

[Charles Looker]

Does this mean there is no technical solution to the problem?

There is absolutely no question of the form being re-designed. That is not
under my control. There are rather complex political reasons why a big stick
cannot be used as you suggest. There is no chance of a form being designed
that satisfies everyone concerned and some compromise has to be reached.
Effectively, some users are re-designing it to the detriment of others.
Perhaps this is a situation which, despite your wide experience, you have not
yet encountered.

 

[Doug Robbins - Word MVP]

You will never stop a determined user. I would suggest that you attempt to
determine what it is that motivates the users to do that which you do not
want them to do and then address the issues that result from that
determination.

--
Hope this helps.

Please reply to the newsgroup unless you wish to avail yourself of my
services on a paid consulting basis.

Doug Robbins - Word MVP, originally posted via msnews.microsoft.com

 

[Charles Looker]

Yes, I too have seen this:
http://www.securiteam.com/windowsntfocus/5MP0315BPS.html
, but I am calculating that my users are not determined enough to use hex
editors to search through word files! If determination were expressed as a
variable, it would be floating point, not boolean, I think.

Since my first post, I find that I am not able to replicate the claimed
vulnerability via saving files to RTF and then back to Word format. Is this
myth, or reality? Do I actually have a problem?

 

[Doug Robbins - Word MVP]

The problem, or at least one problem is that, depending upon the users macro
security settings, your macros may be stripped from the document so it does
not matter how craftily they are written, the code in them will not be
available to be executed.

--
Hope this helps.

Please reply to the newsgroup unless you wish to avail yourself of my
services on a paid consulting basis.

Doug Robbins - Word MVP, originally posted via msnews.microsoft.com

 

[Graham Mayor]

While that method of removing password protection is detailed on my web
site, it is not the only method. See
http://www.gmayor.com/Remove_Password.htm#Alternative
This method requires no technical knowledge or use of script editors.
The protection afforded to users who are allowed to open the document is
minimal and as Doug points out, methods involving the use of vba can easily
be circumvented.
You *may* be able to address your problem with file management software
which will more closely control what users can do with your files, but
addressing misuse is more properly the job of the human management of the
company.

--
<>>< ><<> ><<> <>>< ><<> <>>< <>><<>
Graham Mayor - Word MVP


<>>< ><<> ><<> <>>< ><<> <>>< <>><<>