About Security Settings and Running Code in Visio 2003 [Visio 2003 SDK Documentation]
Creating secure applications is one of the primary challenges facing solution developers. Users, administrators, and developers are increasingly aware of the potential of unknowingly running code that can be harmful to their computers. It is more important than ever that you help to ensure the integrity of your applications.
This topic describes how the Macro Security settings in Microsoft Office Visio work in combination with digital signatures and trusted sources and publishers when running code in a Visio solution. It also suggests additional resources about good security practices and articles for learning more about programming in Visio.
Running code in the Visio application
Depending on a user's security settings, a macro security warning might be displayed when a user opens a Visio document containing Microsoft Visual Basic for Applications (VBA) code or when a Visio add-on (EXE or VSL) or COM add-in is loaded, whether through Automation or a ShapeSheet function.
Because users are now encouraged to set their security level to High (the Microsoft Office Visio 2003 default), it is essential that you take advantage of digital signatures and identify yourself as a trusted source or publisher to help assure users that the code contained in your solution is safe and reliable.
The following table lists various combinations of security settings in Visio and describes how Visio responds in each case.
Security level | Trust all installed add-ins and templates check box | Digitally signed | From trusted publishers | Load COM add-ins? | Load published add-ons (EXEs and VSLs)? | Load path-discovered add-ons (EXEs and VSLs)? | Load VBA macros? |
---|---|---|---|---|---|---|---|
Very High |
Selected |
Yes |
Yes |
Yes |
Yes |
No |
No |
Very High |
Selected |
Yes |
No |
Yes |
Yes |
No |
No |
Very High |
Selected |
No |
N/A |
Yes |
Yes |
No |
No |
Very High |
Cleared |
Yes |
Yes |
No |
No |
No |
No |
Very High |
Cleared |
Yes |
No |
No |
No |
No |
No |
Very High |
Cleared |
No |
N/A |
No |
No |
No |
No |
High |
Selected |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
High |
Selected |
Yes |
No |
Yes |
Yes |
Prompts to trust the add-on |
Prompts to trust the macro |
High |
Selected |
No |
N/A |
Yes |
Yes |
No |
No |
High |
Cleared |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
High |
Cleared |
Yes |
No |
Prompts to trust the add-in |
Prompts to trust the add-on |
Prompts to trust the add-on |
Prompts to trust the macro |
High |
Cleared |
No |
N/A |
No |
No |
No |
No |
Medium |
Selected |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Medium |
Selected |
Yes |
No |
Yes |
Yes |
Prompts to trust the add-on |
Prompts to trust the macro |
Medium |
Selected |
No |
N/A |
Yes |
Yes |
Prompts to enable the add-on |
Prompts to enable the macro |
Medium |
Cleared |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Medium |
Cleared |
Yes |
No |
Prompts to trust the add-in |
Prompts to trust the add-on |
Prompts to trust the add-on |
Prompts to trust the macro |
Medium |
Cleared |
No |
N/A |
Prompts to enable the add-in |
Prompts to enable the add-on |
Prompts to enable the add-on |
Prompts to enable the macro |
Low |
Selected or Cleared |
Yes or No |
Yes or No |
Yes |
Yes |
Yes |
Yes |
For details about digitally signing code and trusted sources and publishers, search for "code signing" on MSDN, the Microsoft Developer Network Web site.
For more information about good security design practices and technologies, search for "security" on MSDN.
Additional Visio resources
- To learn more about Visio add-ons and COM add-ins, see the article "About Microsoft Visio Add-ons and COM Add-ins" in this SDK.
- To learn more about the RUNADDON function and the AddonName property, see the article "Changes in the RUNADDON Function and the AddOnName Property for Visio 2002" on MSDN.