sfx2/source/doc/docmacromode.cxx | 7 +++++++
1 file changed, 7 insertions(+)
New commits:
commit 505f97b5b23954d689d55640977da6ec1af523b9
Author: Mike Kaganski <mike.kagan...@collabora.com>
AuthorDate: Tue Nov 7 13:38:33 2023 +0300
Commit: Mike Kaganski <mike.kagan...@collabora.com>
CommitDate: Tue Nov 7 17:38:33 2023 +0100
Add a description comment
Basically describing commit 71c6f438cecc3ce5e8060efe1df840652885701c
(tdf#129311 don't allow temporary trusted certs, 2019-12-17).
Change-Id: I4d947014b09412638560e9249f242cf6ff222cc2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159069
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index ec56e3f529e7..637f137866ba 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -189,6 +189,13 @@ namespace sfx2
// check whether the document is signed with trusted certificate
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
{
+ // At this point, the possible values of nMacroExecutionMode
are: ALWAYS_EXECUTE,
+ // FROM_LIST_AND_SIGNED_WARN (the default),
FROM_LIST_AND_SIGNED_NO_WARN.
+ // ALWAYS_EXECUTE corresponds to the Medium security level; it
should ask for
+ // confirmation when macros are unsigned or untrusted.
FROM_LIST_AND_SIGNED_NO_WARN
+ // should not ask any confirmations. FROM_LIST_AND_SIGNED_WARN
should only allow
+ // trusted signed macros at this point; so it may only ask for
confirmation to add
+ // certificates to trusted, and shouldn't show UI when trusted
list is read-only.
// the trusted macro check will also retrieve the signature
state ( small optimization )
const bool bAllowUI = nMacroExecutionMode !=
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
&& (nMacroExecutionMode ==
MacroExecMode::ALWAYS_EXECUTE
