Merge pull request from GHSA-q7c2-pgqm-vvw5
https://github.com/nvaccess/nvda/security/advisories/GHSA-q7c2-pgqm-vvw5
An exploit was possible which allowed a user to elevate from user to system privileges.
This is via installing a malicious add-on to the secure screen.
This allowed the user to execute arbitrary code with system permissions.
None
When NVDA is running in secure mode, such as on a secure screen, the following remote procedure calls are now blocked:
- installing an add-on to a secure desktop
- opening the config directory on the secure desktop (this does not appear to do anything on the secure desktop)
With a self-signed build:
- Test STR in https://github.com/nvaccess/nvda/security/advisories/GHSA-q7c2-pgqm-vvw5
- Smoke test the sign-in process