parent
17446c5185
commit
deeec955f0
@ -0,0 +1,81 @@
|
||||
From 4e997c62fd6edf6c3fe9e553cc92c77fd48f039c Mon Sep 17 00:00:00 2001
|
||||
Message-ID: <4e997c62fd6edf6c3fe9e553cc92c77fd48f039c.1723718921.git.erack@redhat.com>
|
||||
From: Sarper Akdemir <sarper.akdemir@allotropia.de>
|
||||
Date: Tue, 11 Jun 2024 12:39:36 +0200
|
||||
Subject: [PATCH] remove ability to trust not validated macro signatures in
|
||||
high security
|
||||
MIME-Version: 1.0
|
||||
Content-Type: multipart/mixed; boundary="------------erAck-patch-parts"
|
||||
|
||||
This is a multi-part message in MIME format.
|
||||
--------------erAck-patch-parts
|
||||
Content-Type: text/plain; charset=UTF-8; format=fixed
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
|
||||
Giving the user the option to determine if they should trust an
|
||||
invalid signature in HIGH macro security doesn't make sense.
|
||||
CommonName of the signature is the most prominent feature presented
|
||||
and the CommonName of a certificate can be easily forged for an
|
||||
invalid signature, tricking the user into accepting an invalid
|
||||
signature.
|
||||
|
||||
in the HIGH macro security setting only show the pop-up to
|
||||
enable/disable signed macro if the certificate signature can be
|
||||
validated.
|
||||
|
||||
cherry-picked without UI/String altering bits for 24-2
|
||||
|
||||
Change-Id: Ia766fb701660160ee5dc9f6e077f4012a44ce721
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168667
|
||||
Tested-by: Jenkins
|
||||
Reviewed-by: Sarper Akdemir <sarper.akdemir@allotropia.de>
|
||||
(cherry picked from commit 2beaa3be3829303e948d401f492dbfd239d60aad)
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169525
|
||||
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171306
|
||||
Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
||||
Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com>
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171314
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171315
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171317
|
||||
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171323
|
||||
---
|
||||
sfx2/source/doc/docmacromode.cxx | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
|
||||
--------------erAck-patch-parts
|
||||
Content-Type: text/x-patch; name="0001-remove-ability-to-trust-not-validated-macro-signatur.patch"
|
||||
Content-Transfer-Encoding: 8bit
|
||||
Content-Disposition: attachment; filename="0001-remove-ability-to-trust-not-validated-macro-signatur.patch"
|
||||
|
||||
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
|
||||
index 8a617b1785c6..997a8f739395 100644
|
||||
--- a/sfx2/source/doc/docmacromode.cxx
|
||||
+++ b/sfx2/source/doc/docmacromode.cxx
|
||||
@@ -229,14 +229,18 @@ namespace sfx2
|
||||
// check whether the document is signed with trusted certificate
|
||||
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
|
||||
{
|
||||
+ SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
|
||||
+
|
||||
// the trusted macro check will also retrieve the signature state ( small optimization )
|
||||
const SvtSecurityOptions aSecOption;
|
||||
const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
|
||||
&& (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE
|
||||
- || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
|
||||
+ || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
|
||||
+ && (nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_WARN
|
||||
+ || nSignatureState == SignatureState::OK);
|
||||
+
|
||||
const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
|
||||
|
||||
- SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
|
||||
if ( nSignatureState == SignatureState::BROKEN )
|
||||
{
|
||||
if (!bAllowUIToAddAuthor)
|
||||
|
||||
--------------erAck-patch-parts--
|
||||
|
||||
|
Loading…
Reference in new issue