Add theoretical security checks to every script available on the lock screen (#14211)
Summary of the issue:
NVDA may cache or directly access objects below the lock screen while Windows is locked.
As a result, without security checks, secure information may be leaked while Windows is locked.
"Secure objects" refer to NVDAObjects which may contain secure information: i.e. objects below the lock screen while Windows is locked.
In 2022.2.4, additional security checks were added to api.setReviewCursor to prevent secure objects from being set as the review cursor.
The results of api.setReviewCursor are not acknowledged, meaning theoretically a cached secure object may be announced.
Similar issues exist for other scripts available on the lock screen.
A thorough review of every script available on the lock screen is required.
There are no known exploits related to the theoretical issues that this PR attempts to solve.
Description of user facing changes
None
Description of development approach
A thorough review of every script available on the lock screen was performed.
Additional security checks were added to ensure that no secure objects or text from secure objects are cached or announced when activating a script available on the lock screen.
nvda
b6c557a4 - Add theoretical security checks to every script available on the lock screen (#14211)
