Macro Security "Trusted Sources" clarification?

Creating a macro - Writing a Script - Using the API (OpenOffice Basic, Python, BeanShell, JavaScript)
Post Reply
miasma.gajs
Posts: 28
Joined: Thu Sep 18, 2014 1:18 pm

Macro Security "Trusted Sources" clarification?

Post by miasma.gajs »

Posting this because I could not find explicit explanation and I, at least, was confused about where a Trusted Source actually is; please feel free to correct any of the following :

With respect to Macro Security (for Windows : Tools -> Options -> Security -> Macro Security -> Trusted Sources), the Location is the location of the document that the macro is being executed on, not the location where the macro actually resides.

Specifically, macros themselves are (usually?) under the %appdata% directory - e.g. C:\Users\[user]\AppData\Roaming . When I Added this directory as a Trusted Source, OO still prevented macro execution. I checked that this was where OO is actually looking by renaming Module1.xba under that directory, and macros disappeared.

When I added the OO document directory as a Trusted Source, macro execution was allowed as expected.

Summary : Trusted Sources should list your OO document directory.

Personally I find this counterintuitive, so this post may help anyone with similarly unconventional thinking.

Related : Raises questions about how practical this is when using documents from many different directories.
Apache OpenOffice 4.1.13
MS Windows 7 Pro x64 SP1
miasma.gajs
Posts: 28
Joined: Thu Sep 18, 2014 1:18 pm

Re: Macro Security "Trusted Sources" clarification?

Post by miasma.gajs »

Relevant - this took effect on v4.1.12 and addresses a security risk :
https://forum.openoffice.org/en/forum/v ... 27#p526227
Apache OpenOffice 4.1.13
MS Windows 7 Pro x64 SP1
User avatar
Villeroy
Volunteer
Posts: 31269
Joined: Mon Oct 08, 2007 1:35 am
Location: Germany

Re: Macro Security "Trusted Sources" clarification?

Post by Villeroy »

The latest version of AOO requires any document calling some macro to be in a trusted directory even if the document itself does not contain any macro code. LibreOffice has this requirement since years.

A trusted source is any directory you have specified as trusted. I declared my documents directory and a test directory in my temporary folder as being trusted. After downloading a document embedding or calling any macro code, I have to move the file to one of my trusted directories and open it from there.
Alternatively, I open a document from the downloads folder (with macros blocked), then store to a trusted directory and finally call menu:File>Reload which reloads the file without macro warning.
Please, edit this topic's initial post and add "[Solved]" to the subject line if your problem has been solved.
Ubuntu 18.04 with LibreOffice 6.0, latest OpenOffice and LibreOffice
Post Reply