[Libreoffice-bugs] [Bug 129311] New: Don't ask to add a trusted macro signature, if trusted macro signatures are read-only

bugzilla-daemon at bugs.documentfoundation.org bugzilla-daemon at bugs.documentfoundation.org
Tue Dec 10 16:46:57 UTC 2019


https://bugs.documentfoundation.org/show_bug.cgi?id=129311

            Bug ID: 129311
           Summary: Don't ask to add a trusted macro signature, if trusted
                    macro signatures are read-only
           Product: LibreOffice
           Version: Inherited From OOo
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: normal
          Priority: medium
         Component: BASIC
          Assignee: libreoffice-bugs at lists.freedesktop.org
          Reporter: glogow at fbihome.de

Description:
An admin can lock the list of trusted authors / signatures by finalizing that
configuration attribute like:

    <node oor:name="Security">
        <node oor:name="Scripting">
            <!-- oor:finalized="true" locks the list of trusted authors -->
            <node oor:name="TrustedAuthors" oor:finalized="true">
                <node oor:name="a0" oor:op="replace">
                    <prop oor:name="RawData" oor:op="fuse"><value>[base64 encoded DER x509 cert]</value></prop>
                    <prop oor:name="SubjectName" oor:op="fuse"><value>test key - only signing &lt;libreoffice at lists.freedesktop.org&gt;</value></prop>
                    <prop oor:name="SerialNumber" oor:op="fuse"><value></value></prop>
                </node>
            </node>
            <!-- 2 = High, also locked -->
            <prop oor:name="MacroSecurityLevel" oor:finalized="true"><value>2</value></prop>
        </node>
    </node>

This disables the modification of that list in the macro security dialog (Tools
-> Options -> LibreOffice -> Security -> Macro security) and forces *High*
macro security.

Still, at the macro security level *High*, the user is asked when opening a
document with an unknown signature, if the signature should be added to the
list of trusted signatures. But since the signature list is locked, nothing
will actually be added. The result is some kind of "temporary trusted"
certificate, until LO is restarted.

This seems at least inconsequential. From my POV it's a bug and not a feature,
because an admin already locked the list of trusted signatures. Eventually that
dialog would want a checkbox with a different text to explicitly allow a
temporary trusted signature, with an additional option to explicitly enable
that feature, if someone really wants this in general.

Steps to Reproduce:
1. Install the attached sample config extension
2. Check that the Macro security setting is level *High* (with a lock) and that
the LO trusted signatures contain the LO unit test signature and aren't editable
(the lock icon needs a fix here)
3. Open the attached document

Actual Results:
The user is asked to add the unknown signature to the trusted signature list.

Expected Results:
The document is opened without enabled macros. Eventually LO even displays some
message box informing the user about the untrusted signature and the therefore
disabled macros.


Reproducible: Always


User Profile Reset: No



Additional Info:

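An added example, not part of the original report and not LibreOffice code: a Python check an admin could run against a deployed configuration layer to confirm that the lock-down described in the report (finalized TrustedAuthors, finalized MacroSecurityLevel of 2) is actually in place. The `oor:component-data` wrapper, the sample subject name and the function names are assumptions made for this example, as is treating `oor:finalized` on a parent node as covering its children.

```python
import xml.etree.ElementTree as ET

OOR = "http://openoffice.org/2001/registry"
NAME, FINAL = f"{{{OOR}}}name", f"{{{OOR}}}finalized"

# Constructed sample layer modelled on the snippet in the report; the wrapper
# element and the subject name are assumptions made for this example.
SAMPLE_XCU = """<oor:component-data xmlns:oor="http://openoffice.org/2001/registry"
    oor:name="Common" oor:package="org.openoffice.Office">
  <node oor:name="Security">
    <node oor:name="Scripting">
      <node oor:name="TrustedAuthors" oor:finalized="true">
        <node oor:name="a0" oor:op="replace">
          <prop oor:name="SubjectName" oor:op="fuse"><value>CN=Constructed Test Signer</value></prop>
        </node>
      </node>
      <prop oor:name="MacroSecurityLevel" oor:finalized="true"><value>2</value></prop>
    </node>
  </node>
</oor:component-data>"""

def find(root, path):
    """Follow (tag, oor:name) steps; return (element, locked-by-self-or-ancestor)."""
    el, locked = root, False
    for tag, name in path:
        el = next((c for c in el.findall(tag) if c.get(NAME) == name), None)
        if el is None:
            return None, False
        locked = locked or el.get(FINAL) == "true"
    return el, locked

def audit_macro_lockdown(xcu_text):
    """Return the macro level, trusted subject names and lock-down findings."""
    root = ET.fromstring(xcu_text)
    base = [("node", "Security"), ("node", "Scripting")]
    authors, authors_locked = find(root, base + [("node", "TrustedAuthors")])
    level, level_locked = find(root, base + [("prop", "MacroSecurityLevel")])
    value = level.findtext("value") if level is not None else None
    subjects = []
    for entry in ([] if authors is None else authors.findall("node")):
        subj, _ = find(entry, [("prop", "SubjectName")])
        subjects.append(None if subj is None else subj.findtext("value"))
    findings = []
    if not authors_locked:
        findings.append("TrustedAuthors is not finalized: users can add signers")
    if not level_locked:
        findings.append("MacroSecurityLevel is not finalized: users can lower it")
    if value is None or int(value) < 2:
        findings.append("MacroSecurityLevel is missing or below 2 (High)")
    return {"level": value and int(value), "trusted_subjects": subjects, "findings": findings}
```

An empty `findings` list only confirms the configuration layer; it does not detect the in-session prompt behaviour the report describes.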