Most elegant way to disable all BASIC functionality?

Andrew Douglas Pitonyak andrew at pitonyak.org
Mon Feb 27 18:08:04 PST 2012 

On 02/27/2012 11:46 AM, Noel Power wrote:
> On 27/02/12 16:02, Andras Timar wrote:
>> Hi,
>>
>> 2012/2/27 Eike Rathke<erack at redhat.com>:
>>> If this is only about no BASIC should be executed, there's the
>>> configuration setting behind Tools->Options->Security, Macro Security.
>>> If Security Level is set to Very High and no paths are added to Trusted
>>> Sources, then no BASIC is executed at all (which btw I strongly
>>> recommend as a developer loading bug documents from external sources).
>>> So maybe hard-wiring that setting for the App-Store and not offer the
>>> dialog would be enough?
>> When I set Macro Security Very High, I can still run the Euro
>> Converter Wizard (written in Basic).
> I haven't been good at reading mail today and just saw this last 
> message ( I promise to read back the thread later ) but regarding the 
> Euro converter wizard isn't that written in Java ? Anyway regardless I 
> suppose if it is running BASIC libraries then it is bypassing that 
> Macro security stuff by calling basic directly, iirc the macro 
> security stuff operates at the level of user interaction and the event 
> handling framework so its still possible for core code to call BASIC 
> directly.
> Anyway it just goes to prove that to be absolutely sure we should just 
> clobber BASIC directly. I think that should be simple enough from a 
> runtime pov, there are just a couple of entry points to do with 
> compiling/running the BASIC code [*], making all/some of them ( at 
> compile-time ) no-ops might be the simplest way to disable things. 
> iirc there are quite some interdependencies between at least ( basctl, 
> framework, xmlscript, scripting & ( others ?) that would make the more 
> agreeable option of not building or delivering the basic module a 
> little harder to achieve without some deeper changes ( but we could 
> look into what is involved with that )
>
> Noel
>
> [*]
> SbModule::Compile ( I would guess if we force that to fail/do-nothing 
> will ensure no basic runs )
> SbMethod::Call
> StarBASIC::Call
>
> SbModule::Run
> StarBASIC::Call
Off hand, I would say that it would not matter that it can still run 
stuff distributed with it, but a creative person could perhaps modify 
things so that they added something that looked like it came with it....

-- 
Andrew Pitonyak
My Macro Document: http://www.pitonyak.org/AndrewMacro.odt
Info:  http://www.pitonyak.org/oo.php

More information about the LibreOffice mailing list