Bug 117825 - Base allows users to execute macro code even when macro execution is blocked by security setting
Status: VERIFIED FIXED
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Base
Version: 5.4.7.2 release (earliest affected)
Hardware: All All
Importance: medium normal
Assignee: Julien Nabet
URL:
Whiteboard: target:6.2.0 target:6.1.0.1
Keywords:
Depends on:
Blocks:
 
Reported: 2018-05-26 18:29 UTC by Drew Jensen
Modified: 2018-06-23 00:29 UTC

See Also:
Crash report or crash signature:


Attachments
test odb with macros (26.80 KB, application/vnd.oasis.opendocument.database)
2018-05-26 18:30 UTC, Drew Jensen

Description Drew Jensen 2018-05-26 18:29:48 UTC
Description:
Open a Base file containing macros and with system options set to disable macro execution - most attempts to start a macro will issue a security warning and fail, but one way allows the macro to run.

Steps to Reproduce:
1. From LibO open Tools->Options->Security
2. Click on Macro Security
3. Make sure the Macro Security setting is HIGH (only signed macros from trusted sources are allowed)
4. Close options dialog
5. Download and open the attached ODB file (a security warning box opens):
"This document contains macros.

Macros may contain viruses. Execution of macros is disabled due to the current macro security setting in Tools - Options - LibreOffice - Security.

Therefore, some functionality may not be available."

6. Clear message box
7. Open the Basic editor Tools->Macros->Run Macro
8. Select file "tst_macro_security" and open library "TestLibrary", Module1
9. Select Main
10. Click on Run (no warning message is displayed, but the macro doesn't run either)
12. Select Tools->Macros->Organize Macros->LibreOffice Basic
13. Select file "tst_macro_security", open library "TestLibrary", Module1
14. Select Main and click edit
15. From inside the Basic editor try to Run the macro Main
16. Security Notification is displayed:
"For security reasons, you cannot run this macro.

For more information, check the security settings."
17. Close the Basic editor
18. Select Tools->Macros->Organize Macros->LibreOffice Basic
19. Select file "tst_macro_security" and open library "TestLibrary", Module1
20. Double click on the sub procedure "Main"


Actual Results:  
The code runs, a form is opened.

Expected Results:
The same security message as when the user tried to run the macro from inside the Basic editor.


Reproducible: Always


User Profile Reset: No



Additional Info:
Tested on Ubuntu 18.04 with build:
Version: 6.0.4.2
Build ID: 9b0d9b32d5dcda91d2f1a96dc04c645c450872bf
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk2; 
Locale: en-US (en_US.UTF-8); Calc: group


User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/66.0.3359.181 Chrome/66.0.3359.181 Safari/537.36
Comment 1 Drew Jensen 2018-05-26 18:30:26 UTC
Created attachment 142297
test odb with macros

Test file with table, form and macros
Comment 2 Drew Jensen 2018-05-26 18:50:47 UTC
changing version number (this bug is in 5.4.7 rel [from TDF] and 6.2Alpha0)

ps - if you run the test you can execute the macro init first and actually create a quite connection to the database and then main and you get the form, with no basic errors and live data ;-)

Version: 5.4.7.2
Build ID: c838ef25c16710f8838b1faec480ebba495259d0
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk2; 
Locale: en-US (en_US.UTF-8); Calc: group
Comment 3 Julien Nabet 2018-05-26 20:37:03 UTC
On pc Debian x86-64 with master sources updated today, I could reproduce this.
Comment 4 Julien Nabet 2018-05-26 20:39:17 UTC
I submitted a patch on gerrit for review:
https://gerrit.libreoffice.org/#/c/54867/

Hope it's ok.
Comment 5 Commit Notification 2018-06-02 16:58:59 UTC
Julien Nabet committed a patch related to this issue.
It has been pushed to "master":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=7667dda435b2671f1d78e967669fa0fe725b5af6

tdf#117825: check if macros are allowed when double-click one

It will be available in 6.2.0.

The patch should be included in the daily builds available at
http://dev-builds.libreoffice.org/daily/ in the next 24-48 hours. More
information about daily builds can be found at:
http://wiki.documentfoundation.org/Testing_Daily_Builds

Affected users are encouraged to test the fix and report feedback.
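
The inconsistency in this report, as a constructed C++ model added here (not LibreOffice code; every type and function name is hypothetical): three UI entry points reach the same macro runner, and an audit loop drives each one with an unsigned document to find any path that skips the security check. It assumes the HIGH setting from the steps to reproduce, where only signed macros from trusted sources may run.

```cpp
#include <functional>
#include <iostream>
#include <string>
#include <vector>

// Constructed model of the report; none of these names come from LibreOffice.
struct Document { bool signedAndTrusted; int runs = 0; };

// Policy gate for the HIGH setting: only signed macros from trusted sources.
bool macrosAllowed(const Document& d) { return d.signedAndTrusted; }

// Low-level execution; it trusts its callers to have asked the gate first.
void runMacro(Document& d) { ++d.runs; }

// An entry point that asks the gate before executing. Returns true if it ran.
bool guardedRun(Document& d) {
    if (!macrosAllowed(d)) return false;
    runMacro(d);
    return true;
}

using EntryPoint = std::function<bool(Document&)>;
struct Ui { std::string name; EntryPoint handler; };

// The three paths from the steps to reproduce. Unpatched, the double-click
// handler calls runMacro directly; patched, it goes through the gate.
std::vector<Ui> entryPoints(bool patched) {
    EntryPoint unguarded = [](Document& d) { runMacro(d); return true; };
    return {
        {"Run Macro dialog", guardedRun},
        {"Basic editor Run", guardedRun},
        {"Organizer double-click", patched ? EntryPoint(guardedRun) : unguarded},
    };
}

// Regression audit: entry points that execute a macro from a document with
// the given trust state. For an unsigned document the list must be empty.
std::vector<std::string> pathsThatRun(bool patched, bool trusted) {
    std::vector<std::string> out;
    for (const Ui& ui : entryPoints(patched)) {
        Document doc{trusted};
        if (ui.handler(doc) && doc.runs > 0) out.push_back(ui.name);
    }
    return out;
}

int main() {
    for (const auto& n : pathsThatRun(false, false)) std::cout << "bypass: " << n << "\n";
    std::cout << "bypasses after fix: " << pathsThatRun(true, false).size() << "\n";
}
```

Running the same audit with a trusted document confirms the patched handler still executes macros that the policy permits.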
Comment 6 Julien Nabet 2018-06-02 17:00:25 UTC
Hope it's ok because nobody commented on it.
I submitted the backport on 6.1: https://gerrit.libreoffice.org/#/c/55212/
Comment 7 Commit Notification 2018-06-18 12:33:08 UTC
Julien Nabet committed a patch related to this issue.
It has been pushed to "libreoffice-6-1":

http://cgit.freedesktop.org/libreoffice/core/commit/?id=5c213d9f59a131fc80f9b6258771f6df6267041e&h=libreoffice-6-1

tdf#117825: check if macros are allowed when double-click one

It will be available in 6.1.0.1.

Comment 8 Drew Jensen 2018-06-18 20:36:24 UTC
(In reply to Julien Nabet from comment #6)
> Hope it's ok because nobody commented on it.
> I submitted the backport on 6.1: https://gerrit.libreoffice.org/#/c/55212/

Just tried it in 6.2 Alpha June 17th build and the fix works as expected here.
Comment 9 Drew Jensen 2018-06-23 00:29:06 UTC
Verified with 6.1 build also:
Version: 6.1.0.0.beta2+
Build ID: 2acaf22274068fbc4181120084aa372254e11686
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk2; 
TinderBox: Linux-rpm_deb-x86_64@70-TDF, Branch:libreoffice-6-1, Time: 2018-06-21_02:23:27


Both target versions 6.1 and 6.2 verified, but I'm not closing the issue just yet; if there is a 6.0.6, maybe it should make it into that and then close it.