Workstation Security

One of Notes's most attractive features is that it protects us from malicious software being run on our computer. This is no small benefit in a computing world where spam and phishing messages arrive in our mail every day and where users' computers are being infected by viruses and Trojan horses and taken over by those programs to be used as "zombie" computers to spread even more spam, phishing messages, viruses, and Trojan horses.

The Notes feature that protects us from these things is the Execution Control List (ECL). When a program tries to execute within a running Notes session, Notes checks who "signed" the program, then checks the ECL to see what programs signed by that signer are permitted to do. Most malicious programs aren't signed at all (because their authors don't want you to know who they are) and, by default, Notes doesn't permit unsigned programs to do anything that could possibly harm your computer or data.

Other programs may be signed by Lotus itself or by some developer or other entity within your own company. Again by default, Notes trusts Lotus-signed programs to do anything, no matter how potentially dangerous. How much it trusts programs signed by entities within your organization (or other third-party signers) depends on how your administrator may have preconfigured your ECL when setting up your workstation and what changes you or your administrator may have made or allowed since that time.

You can see your ECL and examine its settings by doing the following:


In the File menu, choose Security, User Security. Enter your Notes password. The User Security dialog box will open, looking much like the example in Figure A.1.

Figure A.1. All of the actions listed to the right of the list of signers are potentially dangerous and shouldn't be granted to untrusted signers.


Expand What Others Do in the outline. Examine Using Workstation, Using Java, and Using JavaScript. Select each listed entity to see the actions that programs signed by that entity are permitted to take. Click OK, Close, or Cancel when finished.

You can make changes directly in the ECL, but generally you will not and should not. Typically your ECL will change, if at all, as a result of two other kinds of action. First, your administrator can make changes to organization-wide ECLs and push them down to user workstations. Second, you might be able to make changes indirectly, depending on how you react when a program tries to take an action that it hasn't been pre-authorized for in the ECL. When that happens, you will see an Execution Security Alert. This dialog box warns you of the impending action (see Figure A.2) and presents options for dealing with it.

Figure A.2. Notes uses this dialog box to warn you that a program is trying to take an action that it isn't authorized for in the ECL. If you aren't sure whether to allow it, contact your administrator.

The choice you make may cause Notes to update the ECL with new rights. Specifically, if you choose the last option, Start trusting the signer to execute this action, in the dialog box, the ECL will be updated such that the signer named in the Execution Security Alert will have the right in the future to perform the action named in the dialog box. If you do choose that option, then later wish you had not, you can open the ECL directly (as described above) and reverse your decision.

Depending on how your administrator has configured your workstation, the option Start trusting the signer to execute this action may not be available in the Execution Security Alert on your workstation.
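The signer lookup and the effect of the Start trusting option described above can be sketched as a small model. This is an added example, not Notes code or a Notes API. The signer names, action names, and function names are constructed, the "-Default-" and "-No Signature-" catch-all entries are not named in the text above, and the alert is reduced to two outcomes (refuse, or start trusting).

```python
# Simplified model of the ECL behaviour described above. Not Notes code or a
# Notes API; signer names and action names are constructed for illustration.
NO_SIGNATURE = "-No Signature-"  # ECL entry that applies to unsigned programs
DEFAULT = "-Default-"            # ECL entry that applies to unlisted signers
ALL = "*"                        # model shorthand: every action is granted

def make_ecl():
    """Constructed starting ECL: vendor trusted fully, catch-alls for nothing."""
    return {
        "Lotus (vendor signer)": {ALL},
        "Dev Team/Acme": {"read current database"},
        DEFAULT: set(),
        NO_SIGNATURE: set(),
    }

def entry_for(ecl, signer):
    """Pick the ECL entry governing a program signed by `signer` (None = unsigned)."""
    if signer is None:
        return NO_SIGNATURE
    return signer if signer in ecl else DEFAULT

def is_allowed(ecl, signer, action):
    """True if the action runs silently; False means an Execution Security Alert."""
    granted = ecl[entry_for(ecl, signer)]
    return ALL in granted or action in granted

def answer_alert(ecl, signer, action, start_trusting, option_available=True):
    """Apply the user's choice in the alert. Returns True if the action executes.

    start_trusting models "Start trusting the signer to execute this action";
    option_available=False models an administrator having removed that option.
    """
    if not start_trusting or not option_available:
        return False                        # action refused, ECL unchanged
    key = NO_SIGNATURE if signer is None else signer
    ecl.setdefault(key, set()).add(action)  # lasting grant for this signer
    return True

def revoke(ecl, signer, action):
    """Reverse an earlier 'start trusting' decision by editing the ECL directly."""
    ecl.get(NO_SIGNATURE if signer is None else signer, set()).discard(action)

def audit(ecl):
    """List grants held by the untrusted catch-all entries; ideally empty."""
    return sorted((e, a) for e in (DEFAULT, NO_SIGNATURE) for a in ecl.get(e, ()))
```

A non-empty result from `audit` corresponds to the situation the Figure A.1 caption warns against: a potentially dangerous action granted to an untrusted signer.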

Sams Teach Yourself Lotus Notes 7 in 10 Minutes
Year: 2003
Pages: 182