[Libreoffice-bugs] [Bug 126574] New: description of macro security level settings is misleading or wrong

bugzilla-daemon at bugs.documentfoundation.org bugzilla-daemon at bugs.documentfoundation.org
Sat Jul 27 14:37:19 UTC 2019


https://bugs.documentfoundation.org/show_bug.cgi?id=126574

            Bug ID: 126574
           Summary: description of macro security level settings is
                    misleading or wrong
           Product: LibreOffice
           Version: 6.2.5.2 release
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: trivial
          Priority: medium
         Component: LibreOffice
          Assignee: libreoffice-bugs at lists.freedesktop.org
          Reporter: Toni.Dietze+bugs.documentfoundation.org at mailbox.org

Description:
Short version:

Correct the macro security level description of the High level. Current text:

> Only signed macros from trusted sources are allowed to run.
> Unsigned macros are disabled.

Proposal:

> Only macros from trusted sources and signed macros (from any source) are allowed to run.
> Macros that are neither from a trusted source nor signed are disabled.

(Please check the correctness.)


--------


Long version:

The macro security level settings of LibreOffice provide the following
options:

> _Low (not recommended).
> All macros will be executed without confirmation.
> Use this setting only if you are certain that all documents that will be opened are safe.
> 
> _Medium.
> Confirmation required before executing macros from untrusted sources.
> 
> H_igh.
> Only signed macros from trusted sources are allowed to run.
> Unsigned macros are disabled.
> 
> _Very high.
> Only macros from trusted file locations are allowed to run.
> All other macros, regardless whether signed or not, are disabled.

(cf. Tools/Options…/LibreOffice/Security/Macro Security…/Security Level; text
copied from xmlsecurity/uiconfig/ui/securitylevelpage.ui commit
67950f00989dff4640ba83e540673375a2c60a13)

The descriptions of some settings appear to be contradictory:

- The formulation of the High setting suggests that macros need to be signed
_and_ from a trusted source. Especially the second sentence “Unsigned macros
are disabled” strengthens the need for a signature.
- Also, the text for the Very high setting demands that macros come from a
trusted source; however, signing is not mentioned.

Looking at the help
(https://help.libreoffice.org/6.2/en-US/text/shared/optionen/macrosecurity_sl.html),
it seems to be the case that the High setting actually accepts macros that are
signed _or_ come from a trusted source. There we find the following
description:

> Only signed macros from a trusted source are allowed to run. In addition, any macro from a trusted file location is allowed to run.

(In my opinion, it is not good style to give a statement in a first sentence
but then alter the meaning of the statement in a second sentence, but that is
another issue.)

I propose to change the description of the High setting to:

> Only macros from trusted sources and signed macros (from any source) are allowed to run.
> Macros that are neither from a trusted source nor signed are disabled.

Note that I am only guessing here.

I strongly suggest accurately rechecking whether the description of each
security level matches the actual effect of that setting. Translations for
localization may have to be adapted as well.

Steps to Reproduce:
Read the settings at Tools/Options…/LibreOffice/Security/Macro
Security…/Security Level.

Actual Results:
The descriptions of the macro security levels seem contradictory.

Expected Results:
The descriptions shall be accurate.


Reproducible: Always


User Profile Reset: No



Additional Info:
