Best Practices for Security in Automation
Visual Studio add-ins are deprecated in Visual Studio 2013. You should upgrade your add-ins to VSPackage extensions. For more information about upgrading, see How to: Convert an Add-in to a VSPackage.
Visual Studio automation developers must understand and accept the responsibility of creating secure applications by understanding security vulnerabilities. A secure application protects the confidentiality, integrity, and availability of the customers' information. Furthermore, it protects the integrity and availability of processing resources, which the system's owner or administrator controls.
For the purposes of this discussion, a security vulnerability is a flaw in a product that allows an attacker — even when the product is used properly — to:
appropriate privileges on the user's system,
regulate, change, or redirect its operation,
compromise its data,
- or -
assume ungranted trust.
Never assume that your application will be run in only a few given environments, especially if the application becomes very popular. Chances are good that it will be used in another, unforeseen, setting. Assume instead that your code will be run in the most hostile environments. Design, write, and test your code accordingly.
There are benefits to crafting secure applications. Code that is initially designed and built with security in mind is more robust than code written with security that is added as an afterthought. Securely designed applications are also more resistant to media criticism, more attractive to users, and less expensive to fix and support.
Some API functions can be considered more risky than others from a security standpoint. Some may be inherently risky in the way that they function. Others may be risky if not called or handled correctly. The point is that you should be familiar with the pitfalls and quirks of the various API functions you call, and if they pose any sort of security risk, ensure that they are used correctly.
Also, do not assume that because your code uses only API functions that are considered "safe" that your application is automatically safe and secure as well. Negligent programming practices can expose your application to as much or more risk than using supposedly "dangerous" functions. Such practices can include:
not handling exceptions properly,
using hard-coded paths,
using hard-coded connection strings,
not checking for proper user credentials or permissions.
To protect your applications, you should thoroughly understand code security issues by researching the subject. The Microsoft Press book, Writing Secure Code, and the Security Coding Guidelines site at http://msdn2.microsoft.com/library/d55zzx87.aspx are good resources.
Another important point to understand is that many security issues result from applications that blindly trust data input. It is essential that your applications carefully examine and evaluate data as it is received to verify that the data is well-formed and trustworthy before using it.
In addition to following these guidelines, Visual Studio automation offers some simple, specific ways to help you secure your system from automation security exploitations. Remember, however, that they are not a panacea for all security issues. Rather, they are a good start. For information, see Add-In Security.
Research and follow .NET security guidelines carefully before building your automation applications.