The note for the setting seems to contradict itself and/or the rest of the documentation: "Enables executing JS by clicking menu items. When off, privileged JS calls can be executed via the menu unless they have been wrapped in the app.trustFunction. Executing non-privileged JS calls via menu items is not blocked whether this box has been checked or not."
Is that supposed to read "JS calls cannot [...] unless"?
Will checking the box make reader more or less restrictive of embedded javascript from arbitrary sources in unsigned pdfs?