Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » VSTO   (RSS)
Thursday, January 20, 2005 6:01 AM

Back to VBA

Today I needed to write a fairly simple piece of code to manipulate some Excel documents, and I chose to do it in VBA. That might sound like heresy for someone who used to work on Visual Studio Tools for Office, but since I switched teams I feel no obligation
Posted by ptorr | 3 Comments
Filed under:
Saturday, November 06, 2004 11:12 PM

Dr. Strongname, or: How I Learned to Stop Worrying and Love the URL

One of the problems with the Trustworthy Computing initiative is that many of our products have become harder to use as a result, either due to configuration changes or documentation changes. For example, Windows Server 2003 now ships with pretty much
Posted by ptorr | 9 Comments
Filed under: ,
Friday, October 29, 2004 1:32 AM

Show me the money!

A member of the VSTO team just came to my office and asked, "Is it bad to trust all Office documents on the Local Intranet?" That's a good question, and after answering it for him I thought it was also worth blogging about (plus I'm hanging around the
Posted by ptorr | 4 Comments
Filed under: ,
Friday, September 03, 2004 7:26 AM

It's OK to tell people what they already know

I like it when people send me e-mail with security questions. I like it because it implies two things: 1) The person is thinking about the security implications of their code, and has recognised a possible problem; and 2) The person realises that they
Posted by ptorr | 0 Comments
Filed under: ,
Friday, September 03, 2004 7:22 AM

Code Repurposing and Untrustworthy Data

This is just a generic launching place for four other blog entries, since I seem to send them to people on a regular basis and sending one URL is easier than four :-) Code repurposing · http://weblogs.asp.net/ptorr/archive/2003/10/16/56270.aspx · http://weblogs.asp.net/ptorr/archive/2003/10/21/56296.aspx
Posted by ptorr | 1 Comments
Filed under: , ,
Friday, July 16, 2004 3:32 AM

When is the Local Intranet not the Local Intranet?

When it's in another zone, of course. One of the recommendations we give for setting policy on VSTO projects is to sign your assembly (either with an Authenticode certificate or a strongname) and then trust that key only for a specific computer (eg, your
Posted by ptorr | 5 Comments
Filed under: ,
Friday, July 16, 2004 3:11 AM

A useful regfile for VSTO

Here's a quick post with a regfile you can use to help you test your VSTO projects. Cut and paste the text below into a text file (be careful of line wrapping) and save it with a reg extension. Then open up regedit (as a member of the Administrators group)
Posted by ptorr | 8 Comments
Filed under: , ,
Friday, April 16, 2004 11:46 PM

Why does Outlook have an OM?

This one could be controversial ;-) In a recent comment, Edd James (note to Edd: that link gives a 403) asks why Outlook and Excel " need this ability to run scripts/macros [?]" First I want to clear up a common misconception about Outlook: Despite what
Posted by ptorr | 10 Comments
Filed under: , ,
Friday, April 16, 2004 12:36 AM

Top 5 List

Julie is looking for input on a Top 5 Good / Bad Things about VSTO list over on her blog. If you have any others to add, surf on over and help her out ;-)
Posted by ptorr | 1 Comments
Filed under:
Tuesday, April 13, 2004 4:19 PM

Follow up to "Don't trust that data"

Eric makes some good points in a comment to my last post . Nevertheless, the forces of evil within me compel me to respond anyway. (You should have blogged it, Eric ;-) ). Eric's main point is that the employee doesn't need to use formulas in order to
Posted by ptorr | 1 Comments
Filed under: , ,
Monday, April 12, 2004 12:04 AM

Don't trust that data!

A while ago I wrote a couple of blog entries on code repurposing and some mitigations , and one of the main causes of that problem is that developers inherently trust data. The text box caption says Name , so it's always gonna contain the user's name,
Posted by ptorr | 2 Comments
Filed under: , ,
Monday, April 05, 2004 3:41 PM

Another VSTO Blogger

Eric Carter has started blogging! That makes two out of our three Erics on the VSTO team blogging. Eric Carter works on building the next-generation programming model for VSTO 2 and doing an amazing array of other really cool things. And if you happen
Posted by ptorr | 4 Comments
Filed under: ,
Sunday, March 21, 2004 8:15 PM

Evidence is important, even if it grants no permissions

In a comment to my old VSTO security blog entry, Enrico Sabbadin asks why we can't just remove the Zone evidence from an assembly before creating the AppDomain. Good question, and Siew Moi bugged me about blogging this a long time ago as well, so I guess
Posted by ptorr | 4 Comments
Filed under: ,
Saturday, March 20, 2004 10:58 PM

Balancing Security and Usability

I'm often tempted to write about viruses and what I think the next "innovation" might be, but then I get scared that I might get put in jail (or deported) should any of my ideas ever see the light of day. (Not that I think the virus writers need any help
Posted by ptorr | 14 Comments
Filed under: , ,
Sunday, February 29, 2004 4:11 AM

The Amazing Disappearing Templates Act

As reported in the VSTO Newsgroup (can't...find...link) and on Julie's blog , if you try and access ThisApplication.Templates.Count from VSTO, you end up with only one (Normal.dot) instead of the n (where n > 1) entries you were expecting. I finally
Posted by ptorr | 0 Comments
Filed under:
More Posts Next page »
 
Page view tracker