Further, while SecureLoad has merit, this illustrates just how poorly thought out TrustedPaths is, as SFSP *should* be the core of what is implicitly trusted from the outset.
Makes the most sense! Both those settings are simply registry entries. So it's not as if someone could add to SFSP but not TrustedPaths - it's not any more secure. As the simplest implementation I'd have said: All folders in SFSP should be implicitly "trusted" and TrustedPaths should only be used to extend explicit path trusting for such stuff as load statements with full paths in their arguments. IMO, that is what adesk should have done if they spent anything more than 2 seconds to plan this thing.
Makes more sense doesn't it? As I understand it, it's working now (i.e. reading the non-existent documentation): SFSP still operates exactly as before, it's simply a list of paths to search through if no specific folder is specified. Trusted paths is added on top, but is not used as a search list, rather it's only used as a list of paths where loading is allowed. So if a file is in a SFSP but not a TP, then it will be blocked from loading. If the other way round: in TP, but not SFSP, then it won't even be found. Only when the file is in a path listed in both variables will it be loaded.
The ... subfolder for trusted can make it easier, but I can see that such can also defeat the idea behind TP: e.g. if you have something like F:\... in TP, and have your DWGs somewhere on the F drive, then you again have the issue of acaddoc.lsp being searched first from the DWG's location. I.e. again infinitely vulnerable to the ACadDoc virus!
I could see that being a boon and a curse depending on where you put your LISP files. If there is a tremendous amount of subfolders and files in the same location, it could cause long search times when LISP commands are invoked, unless I misunderstand how search paths are accessed and when.
All too true. Just think of how acad slows down when there's just one non-existent path listed in the SFSP. Then place a Windows Explorer on the root path and type into the search box the word "acaddoc.lsp" ... see how long it takes to find the first of those (if at all). ACad is going to take just as long (at best) for each of the files it would need to find (including all the other auto-loading stuff as well as hatch patterns, etc. etc. etc.). I would steer clear of using such in a search path in this case, acad is slow enough as it is.
If they wanted to get really clever, they could set the order via a simple list ala the most-recently-used settings elsewhere.
Yep, this idea would be a lot more comprehensive without making life more difficult for an admin (at least not by much). Would probably need to have the default for Trusted=True and Depth=1, so it works similar to the old SFSP by default and can be adjusted where needed. But I don't think lots of people would be using the trusted=0 idea here, the subfolder depth might be used quite often.
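An added audit sketch, not code from the thread or from Autodesk, that models the behaviour as the posts above describe it: a folder is only searched if it is in SFSP, loading is only allowed if it is in TrustedPaths, and a trailing `...` trusts subfolders as well. The function names, the semicolon-separated input format and the sample paths are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Constructed sample values (not taken from any real installation).
SFSP = r"C:\CAD\Support;C:\CAD\Lisp;D:\Old\Macros"
TRUSTED = r"C:\CAD\Support;C:\CAD\Lisp\...;E:\Vendor;F:\..."
DRAWING_DIRS = [r"F:\Projects\1234\DWG", r"G:\Archive"]

def split_paths(value):
    """Split a semicolon-separated path list (assumed storage format)."""
    return [p.strip() for p in value.split(";") if p.strip()]

def parse_trusted(entry):
    """Return (base folder, recursive?); a trailing '...' also trusts subfolders."""
    recursive = entry.endswith("...")
    base = entry[:-3] if recursive else entry
    return PureWindowsPath(base), recursive

def is_trusted(folder, trusted_entries):
    """True if loading from `folder` is allowed by any TrustedPaths entry."""
    d = PureWindowsPath(folder)  # Windows paths compare case-insensitively
    for base, recursive in map(parse_trusted, trusted_entries):
        if d == base or (recursive and base in d.parents):
            return True
    return False

def audit(sfsp, trusted, drawing_dirs):
    """Report the three mismatches discussed in the thread."""
    search, tp = split_paths(sfsp), split_paths(trusted)
    return {
        # Searched but not trusted: the file is found, then blocked from loading.
        "blocked": [s for s in search if not is_trusted(s, tp)],
        # Trusted but covering no search folder: never found via the search list.
        "unsearched": [t for t in tp
                       if not any(is_trusted(s, [t]) for s in search)],
        # Drawing folders inside a trusted tree: an acaddoc.lsp sitting beside
        # a DWG there would be allowed to load.
        "exposed": [d for d in drawing_dirs if is_trusted(d, tp)],
    }

if __name__ == "__main__":
    for finding, paths in audit(SFSP, TRUSTED, DRAWING_DIRS).items():
        print(f"{finding}: {paths}")
```

An entry listed under "exposed" is the `F:\...` case from the thread: narrowing that trusted entry to the folder that actually holds the LISP files removes the drawing folders from the trusted tree.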