VSTO Security Model

VSTO makes it easy for you to create great Office solutions. Of course, after you have completed your solution, you must deploy it to end users in a secure, maintainable way. VSTO has a powerful, flexible security model that is built on top of .NET code access security, giving you control over which code you allow to run on your machine.

One of the key security design principles of VSTO is that it is secure by default. This means that no code runs without having been given specific permission to run. You may be thinking that throughout this book you have been creating VSTO solutions and haven't had to think about security; when you pressed F5, the code just ran. That is because when you create a new VSTO solution, the IDE automatically gives explicit permission for your solution to run on your development machine. We will take a look at how this permission is granted, but first you need to understand a little about CAS.

Another key security design principle of VSTO is that the document does not contain the code. Unlike VBA solutions, which are embedded in the document (or in a global template), VSTO assemblies are contained in a separate code file. This makes it more difficult to propagate macro viruses because virus writers cannot simply use e-mail to distribute document viruses. The document solution must be installed to a trusted location before it will run. Although this is a very secure system, it makes deployment a little more challenging.

0 0

Post a comment