I got an email in my spamfilter with an attached Microsoft Word document. How can I view that file securely on Ubuntu? The 'from' email header shows that it is from a copy machine, but it could very well be spoofed. I cannot see the full header in the spamfilter email/webservice, so the file may be genuine or a trojan.
I have downloaded the file and used `file` and `strings`, which I suppose are usually ok (Update: Not even `strings` may be ok. There have been vulnerabilities associated with the program, see http://www.ubuntu.com/usn/usn-2496-1/). I suppose that LibreOffice would also generally be ok to use for opening the file as any trojan would likely be targeting vulnerabilities in Microsoft Windows rather than Ubuntu LibreOffice?
What other possibilities are there? Would I need to spin up a virtual machine?
Before I posted this question I came up with another idea: `sha256sum` and Google. This leads to a positive identification as malware: https://www.virustotal.com/en/file/003837a453ab7dd0dda51804f4208b10009dc33a9a909e9689b82a1b993deea1/analysis/1454322062/
I am, however, still interested in safe ways to handle such documents.
The only safe way to handle a document you suspect to be infected with malware is to delete it.
If you think it's suspect, then it probably is.
Other than that, I use an isolated virtual machine for such things. VirtualBox works well.
LibreOffice should be fine to open it with. Most malware in MS Office docs is designed to exploit the macro and Visual Basic integration in Office.
The safest way to handle such documents though, is to just not open them. If you did not expressly use some copy machine which e-mails you documents in MS Office formats, then it's almost certainly going to be spam/malware.
By default LibreOffice is pretty much locked down.
If you see Tools>Options>LibreOffice>Security you will find that only macros from trusted sources are allowed to run and untrusted ones are disabled (default setting). You can also manage Trusted Certificates. Links are not allowed to be clicked with the mouse cursor. If you want to open a link you have to press Ctrl too.
Save the attachment to your Google Drive (1 scan then).
Open it in Google Docs (another scan). Google has one of the BEST malware/viri engines.
To be really totally safe, then open the file on a Chromebook (another scan).
IMHO... I avoid MS products all I can, Libre Office is OK, but Google Docks "rocks" ... pun intended!
And you don't have the hassle of building/tweaking a VM.
If the format is .docx, you could use an unzipping program to extract only the XML files, then view the XML files with a text editor or browser.
See also https://stackoverflow.com/questions/14834270/security-of-unzipping-user-submitted-files.
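An added example, not part of the original answers: one way to do the "extract only the XML" step without writing anything to disk, while checking for the unzip risks the linked question is about. The size limits, the flag labels and the constructed sample archive are assumptions made for illustration.

```python
import io
import zipfile

MAX_TOTAL = 50 * 1024 * 1024  # assumed cap on total uncompressed bytes
MAX_RATIO = 100               # assumed cap on per-entry compression ratio

def inspect_docx(data):
    """Read XML parts of a .docx in memory; nothing is extracted to disk."""
    xml, flags, total = {}, [], 0
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename.replace("\\", "/")
            if name.startswith("/") or ".." in name.split("/"):
                flags.append("traversal:" + name)   # never trust stored paths
                continue
            if name.lower().endswith("vbaproject.bin"):
                flags.append("macros:" + name)      # VBA project container
            total += info.file_size
            ratio = info.file_size / max(info.compress_size, 1)
            if ratio > MAX_RATIO or total > MAX_TOTAL:
                flags.append("oversize:" + name)    # possible zip bomb
                continue
            if name.lower().endswith((".xml", ".rels")):
                text = zf.read(info).decode("utf-8", "replace")
                if 'TargetMode="External"' in text:
                    flags.append("external-link:" + name)
                xml[name] = text
    return xml, flags

def build_sample():
    """Constructed test archive, not a real document or real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document>Scan attached</w:document>")
        zf.writestr("word/_rels/document.xml.rels",
                    '<Relationship Target="http://example.invalid/t.dotm" '
                    'TargetMode="External"/>')
        zf.writestr("word/vbaProject.bin", b"\x00" * 16)
        zf.writestr("../outside.xml", "<x/>")
    return buf.getvalue()

if __name__ == "__main__":
    parts, findings = inspect_docx(build_sample())
    for f in findings:
        print("FLAG", f)
    for n in parts:
        print("XML ", n, len(parts[n]), "chars")
```

An old binary `.doc` is not a zip archive, so `zipfile.ZipFile` raises `BadZipFile` on it and this check only applies to `.docx`.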
Open it with gedit as a text document. You're going to need to scroll through a LOT of HTML formatting, but you can read it. But as stated earlier, if you're unsure, delete it unopened.