Tuesday, March 31, 2009

New Security Concerns Raised For Google Docs

Last week TechCrunch posted an interesting look at some "loopholes" found in Google Docs.

None of them seemed particularly counterintuitive to us, but Google did clarify the issue on the official Google Docs blog.

In short the issues are:

1. Images embedded in documents are not deleted when the documents are. This is to prevent links to images going bad after documents are changed or updated.

As you have to actually share the document for someone to get the URL for an image, this isn't a big deal (although it's helpful to know about it).

2. Document revisions of drawings in shared documents are made available to people you shared the document with.

This could be a little troublesome if you don't trust the person you're sharing the document with, but making a new copy of the drawing and linking to that is a good workaround for the time being, as is making a PDF file of the entire document and sharing that with them instead.

3. Finally, when you share a document and allow document invitations to be forwarded to anyone it does exactly this. They can be forwarded to anyone and do not expire when you stop sharing the document with a specific person.

To disable this feature when sharing documents in Google Docs uncheck it (in documents and presentations, it's called "invitations may be used by anyone" and in spreadsheets it's "editors can share this item").