mir/libreoffice
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

officecfg,desktop: add Office::Security::Net::AllowInsecureUNORemoteProtocol

Browse Source 
This disables the "com.sun.star.office.Acceptor" UNO service that
handles the soffice "--accept" argument; now it can be disabled and
locked in configuration by system administrator.

Change-Id: I6747a128c3afa6a0cb351766365c8affc0b2614e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159151
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
This commit is contained in:
Michael Stahl
2023-11-08 16:12:08 +01:00
parent 8e46dd9599
commit ec3ffe6268
4 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
desktop/Library_offacc.mk
View File

@@ -11,6 +11,10 @@ $(eval $(call gb_Library_Library,offacc))
$(eval $(call gb_Library_use_sdk_api,offacc)) $(eval $(call gb_Library_use_sdk_api,offacc))
$(eval $(call gb_Library_use_custom_headers,offacc,\
officecfg/registry \
))
$(eval $(call gb_Library_use_libraries,offacc,\ $(eval $(call gb_Library_use_libraries,offacc,\
comphelper \ comphelper \
cppu \ cppu \

4
desktop/source/app/appinit.cxx
View File

@@ -41,6 +41,8 @@
#include <unotools/tempfile.hxx> #include <unotools/tempfile.hxx>
#include <vcl/svapp.hxx> #include <vcl/svapp.hxx>
#include <unotools/pathoptions.hxx> #include <unotools/pathoptions.hxx>
#include <iostream>
#include <map> #include <map>
using namespace ::com::sun::star::uno; using namespace ::com::sun::star::uno;
@@ -165,7 +167,7 @@ void Desktop::createAcceptor(const OUString& aAcceptString)
} }
else else
{ {
SAL_WARN( "desktop.app", "Acceptor could not be created"); ::std::cerr << "UNO Remote Protocol acceptor could not be created, presumably because it has been disabled in configuration." << ::std::endl;
} }
} }

7
desktop/source/offacc/acceptor.cxx
View File

@@ -23,6 +23,7 @@
#include <com/sun/star/bridge/BridgeFactory.hpp> #include <com/sun/star/bridge/BridgeFactory.hpp>
#include <com/sun/star/connection/Acceptor.hpp> #include <com/sun/star/connection/Acceptor.hpp>
#include <com/sun/star/uno/XNamingService.hpp> #include <com/sun/star/uno/XNamingService.hpp>
#include <officecfg/Office/Security.hxx>
#include <cppuhelper/supportsservice.hxx> #include <cppuhelper/supportsservice.hxx>
#include <sal/log.hxx> #include <sal/log.hxx>
#include <comphelper/diagnose_ex.hxx> #include <comphelper/diagnose_ex.hxx>
@@ -240,6 +241,12 @@ extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface*
desktop_Acceptor_get_implementation( desktop_Acceptor_get_implementation(
css::uno::XComponentContext* context, css::uno::Sequence<css::uno::Any> const&) css::uno::XComponentContext* context, css::uno::Sequence<css::uno::Any> const&)
{ {
if (!officecfg::Office::Security::Net::AllowInsecureUNORemoteProtocol::get())
{
// this is not allowed to throw
SAL_WARN("desktop", "UNO Remote Protocol is disabled by configuration");
return nullptr;
}
return cppu::acquire(new desktop::Acceptor(context)); return cppu::acquire(new desktop::Acceptor(context));
} }

8
officecfg/registry/schema/org/openoffice/Office/Security.xcs
View File

@@ -46,7 +46,7 @@
</group> </group>
<group oor:name="Net"> <group oor:name="Net">
<info> <info>
<desc>Specifies how secure hyperlinks are processed.</desc> <desc>Specifies security aspects of network connections.</desc>
</info> </info>
<prop oor:name="AllowInsecureProtocols" oor:type="xs:boolean" oor:nillable="false"> <prop oor:name="AllowInsecureProtocols" oor:type="xs:boolean" oor:nillable="false">
<info> <info>
@@ -54,6 +54,12 @@
</info> </info>
<value>true</value> <value>true</value>
</prop> </prop>
<prop oor:name="AllowInsecureUNORemoteProtocol" oor:type="xs:boolean" oor:nillable="false">
<info>
<desc>Allow listening for unauthenticated remote code execution via soffice --accept.</desc>
</info>
<value>true</value>
</prop>
</group> </group>
</component> </component>
</oor:component-schema> </oor:component-schema>