VSTO Security Model

RE: VSTO Security Model

Siew Moi Khor — Wed, 05 Nov 2003 02:28:00 GMT

You bet. I might be on vacation but how much I like and believe in the vsto security model does not go on vacation ;-) The design is the right choice for where we are in Office today. In fact I think it's one of the coolest vsto "features". I could hardly contain my excitement when i first came to know about the vsto security model design. I've to use it a lot and also show people how to use it. Never once did I think it was painful or tedious. I really like it! Great design Peter!

RE: VSTO Security Model

Peter Torr — Fri, 21 Nov 2003 18:45:00 GMT

Ivan talks about how to do this kind of per-AppDomain policy updating in his blog at: http://blogs.gotdotnet.com/ivanmed/commentview.aspx/4104271e-dceb-466f-836a-8c791af63ea8

RE: VSTO Security Model

Fumiaki Yoshimatsu — Sat, 29 Nov 2003 06:31:00 GMT

I finally found some time to read this. It is all fantastic! Developers in this space should still be kind of educated about .NET CAS, but it is definitely the way to go. Thanks! BTW, our VSTO sample project has been released from Microsoft Japan. I don't know how many folks out there downloaded it, but I am sure it has some impact to them.

RE: VSTO Security Model

Peter — Mon, 01 Dec 2003 20:28:00 GMT

Congratulations on finishing the project. You should post the URL here ;-) Also don't miss the update to this blog at: http://blogs.gotdotnet.com/ptorr/PermaLink.aspx/f270eee6-7466-4f05-b7fc-b84bfd5934a0

SD Times mentions VSTO security

Office Development, Security, Randomness... — Mon, 19 Jan 2004 03:35:00 GMT

SD Times mentions VSTO security

Office Development, Security, Randomness... — Tue, 20 Jan 2004 02:13:00 GMT

MyDoom and VSTO

Office Development, Security, Randomness... — Sun, 01 Feb 2004 02:03:00 GMT

re: VSTO Security Model

Enrico Sabbadin — Thu, 11 Mar 2004 10:35:00 GMT

Thanks to Brian Randell who pointed me to this post. Before reading this post I was actually quite puzzled about the things described in Brian MSDN March 04 article could ever work.
The missing point was constructing the appdomain policy as the union of the enteprise/machine/user (and then remove the permissions in zone code groups.

Before reading it I thought one way to obtain a similar effect was to remove the zone evidence before calling appdomain.createappdomain

Why this approach shouldn't work ?

re: VSTO Security Model

Peter Torr — Thu, 11 Mar 2004 15:50:00 GMT

Heh... I forwarded the URL to Brian :-)

It won't work because you need the evidence in order to evaluate the child cod groups correctly. I was going to blog about this at some stage... maybe I will soon.

Security in the Visual Studio Tools for Office Suite

.Net Security Blog — Sat, 13 Mar 2004 06:13:00 GMT

re: It's not your father's Office (dev)

Philo's WebLog — Tue, 20 Apr 2004 19:34:00 GMT

NETDA Presentation - VSTO

Tom Krueger — Tue, 01 Jun 2004 20:33:00 GMT

Creating a partially-trusted AppDomain

Office Development, Security, Randomness... — Mon, 08 Nov 2004 02:41:00 GMT

VSTO security - I often do not get it

Misha Shneerson — Sat, 27 Aug 2005 05:41:20 GMT

Fabulous world of VSTO security still puzzles me after living in it for the past 3 years. Isn't it especially...