Is it possible to add to Trusted Locations via LISP?
At the moment I have a shortcut to AutoCAD that runs a script, which in turn runs a LISP file to set support paths.
But would it be possible, instead of support paths, to add a trusted location?
Basically, I am going to check if it's later than AutoCAD 2013 and then, if not, add the trusted paths.
(if (>= (getvar "ACADVER") "19.1")
(do-this))
Just need to find the right command to replace the "do-this" with.
This is what I've got at the moment:
(if (>= (getvar "ACADVER") "19.1")
(setvar 'trustedpaths
"path1"
"path2"
"path3"
))
It tells me that there are too many arguments.
Solved! Go to Solution.
Thanks
Managed to sort it
(if (>= (getvar "ACADVER") "19.1")
(setvar "trustedpaths" (strcat (getvar "trustedpaths")
"path1;"
"path2;"
"path3;"
)))
The illustrated solution points to a huge security hole in the trustedpaths system. A user program should not be able to affect or gain access to these settings.
That is why it is important to set up AutoCAD properly and follow Autodesk's guidelines. Namely, the locations that are trusted should have read access only so that persons with malicious intent cannot edit the code in them. So long as you follow this rule and do not run code you are not familiar with, then you are not at risk. I update trusted paths via LISP for the various users in our office so I don't have to go to each terminal and waste more time. Having access to do so improves our efficiency.
Yes, I understand that such programming could be helpful for CAD admin but the same ability could be disasterous if malicious code were ever run. Since there would be no prompting or verification to the user that the paths are read/write, a malicious code could add whatever paths it wanted.
This is why the trusted paths is mostly a fantasy protection.
I see what you're saying but I'm using the LISP to add it because there are no default trusted locations (or I don't think there are).
When you run the LISP it does say that it's not in the Trusted Location and asks you if you want to run it.
But if you wanted to run it without having to add the LISP to the trusted path you can just add a script to the shortcut that loads AutoCAD with SECURELOAD set to 0, which then just turns off the security all together and you don't even get prompted when that's done.
I agree - being able to change this through code in the software itself isn't the best of ideas. As a registry setting the values can be easily changed via a script/BAT and a REG file, via SCCM or other means used to securely and efficiently distribute software and/or system updates.
I just came across this thread, as I am just starting to test my site's custom menu/loading routines with ACAD2014. I too was confronted with all manner of warning alert boxes... and after researching what that was all about, I found this thread.
I started to apply the solution that the OP offered, but my situation is a little different and so I offer the variation that I came up with to solve my particular issue.
I needed to be able to append and remove specified TRUSTEDPATHs to/from whatever the existing paths are there because while my office has customization that needs to load and have a specific environment set, I also have my own custom partial menu and add-ons, with LSP files, etc that I need to keep separate from the office-wide settings.... and I need control to be able to remove specific TRUSTEDPATHS - some of which are part of my company's menu, and some are part of my personal custom menu per each menu's own uninstallation routine. I always have an uninstall routine for a custom partial menu, so I can clean up artifacts like settings, search paths, and other dependant variables for a clean uninstall of the menus/customization that I create.
So I created two functions which can add and remove paths to the TRUSTEDPATHS sysvar.
In the attached LSP/txt, all the necessary functions to add and remove TRUSTEDPATHS are included, along with example calls.
You simply define the ADDPATH function with whatever paths you want to be part of your custom menu/environment (props to EC-CAD (Bob) for this, it's a variant on his "AddSupportPath" function that I use ALL the time)....
e.g.
(defun ADDTRUST () (addTrustPath "C:\\MY-MENU\\..." nil) (addTrustPath "G:\\CAD Library\\..." nil) )
The "\\..." at the end of the path gives trust to all subfolders after that main folder you specify for increased
Then, in my installation LISP routine that I use to load in the custom partial menu, set search paths, etc, I call the function this way:
(if (>= (getvar "ACADVER") "19.1")(ADDTRUST))
So that it will first check to see if you're running version 2014, or higher, before it attempts to set any TRUSTEDPATHs.
I totally get that this whole TRUSTEDPATHS thing isn't really fully baked yet - so be careful as to what you put where, and what kind of permissions are on your customization folders.
Note - there are no blatant error handlers - but I've been using these principles for adding/removing Search Paths for about 8 years now and have never had a glitch....
- muddyrunnergirl