On 02/27/2012 11:46 AM, Noel Power wrote:
On 27/02/12 16:02, Andras Timar wrote:
Hi,
2012/2/27 Eike Rathke<erack@redhat.com>:
If this is only about no BASIC should be executed, there's the
configuration setting behind Tools->Options->Security, Macro Security.
If Security Level is set to Very High and no paths are added to Trusted
Sources, then no BASIC is executed at all (which btw I strongly
recommend as a developer loading bug documents from external sources).
So maybe hard-wiring that setting for the App-Store and not offer the
dialog would be enough?
When I set Macro Security Very High, I can still run the Euro
Converter Wizard (written in Basic).
I haven't been good at reading mail today and just saw this last
message ( I promise to read back the thread later ) but regarding the
Euro converter wizard isn't that written in Java ? Anyway regardless I
suppose if it is running BASIC libraries then it is bypassing that
Macro security stuff by calling basic directly, iirc the macro
security stuff operates at the level of user interaction and the event
handling framework so its still possible for core code to call BASIC
directly.
Anyway it just goes to prove that to be absolutely sure we should just
clobber BASIC directly. I think that should be simple enough from a
runtime pov, there are just a couple of entry points to do with
compiling/running the BASIC code [*], making all/some of them ( at
compile-time ) no-ops might be the simplest way to disable things.
iirc there are quite some interdependencies between at least ( basctl,
framework, xmlscript, scripting & ( others ?) that would make the more
agreeable option of not building or delivering the basic module a
little harder to achieve without some deeper changes ( but we could
look into what is involved with that )
Noel
[*]
SbModule::Compile ( I would guess if we force that to fail/do-nothing
will ensure no basic runs )
SbMethod::Call
StarBASIC::Call
SbModule::Run
StarBASIC::Call
Off hand, I would say that it would not matter that it can still run
stuff distributed with it, but a creative person could perhaps modify
things so that they added something that looked like it came with it....
--
Andrew Pitonyak
My Macro Document: http://www.pitonyak.org/AndrewMacro.odt
Info: http://www.pitonyak.org/oo.php
Context
- Re: Most elegant way to disable all BASIC functionality? (continued)
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.