Coding Aids for Creating Secure Applications (C# and Visual Basic)
In considering security, you have to protect your development computers from attacks by malicious code and from data corruption, and also protect your servers. There are several mechanisms in the development environment that you can take advantage of to help secure your development servers:
A Users account group is added when you install Visual Studio. The Users group has the necessary file, share, and Internet Information Services (IIS) permissions to create and develop Web applications on a server. The Users group is also able to debug processes on a particular computer, either locally or remotely. As a member of the Users group, you have access to most resources.
It is recommended that you debug on a test computer instead of the deployment computer. If you must debug on a deployment server, install only the Remote Debugging Component and uninstall the component when you have finished debugging. Take the server offline while you are debugging. For more information, see How to: Set Up Remote Debugging. For general information about debugging, see Debugger Security.
For most applications, it is sufficient if the .NET Framework alone is installed on the server. If Visual Studio or the Visual Studio Server Components are installed on the deployment computer, the Users group is created on that deployment computer as well. In addition, you may also want to disable dynamic discovery.
We do not recommend that you install Visual Studio on your deployment server. The Visual Studio setup adds both files and users to the system that could be exploited. You can secure a system that has Visual Studio installed, but if you do not need Visual Studio on the deployment server, we recommend that you do not install it there.
The Copy Project feature of Visual Studio includes the option to deploy an application together with a configuration file (Web.config) that differs from the configuration file used in development. The development file is likely to have debugging enabled, which, if deployed, would let users examine the call stack when an exception is thrown. It is recommended that you deploy with a separate configuration file that does not allow debugging.
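As an added illustration (not taken from this page or from Visual Studio's own templates), the following Web.config fragment shows the development setting the paragraph warns about next to the setting that belongs in the file deployed with Copy Project. The compilation element's debug attribute is the one that controls whether debug symbols and stack detail are produced; the customErrors element is an additional, assumed-standard ASP.NET setting included here because it governs whether exception details reach remote browsers at all.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Deployment Web.config (added example; replace the development copy when deploying). -->
<configuration>
  <system.web>

    <!-- Development setting, do NOT deploy:
         <compilation debug="true" />
         With debug="true" the server compiles pages with symbols and
         exception pages carry full call-stack detail. -->

    <!-- Deployment setting: no debug symbols, no stack detail on pages. -->
    <compilation debug="false" />

    <!-- Assumed companion setting (not on the original page): send remote
         users to a generic error page and keep detailed errors local only. -->
    <customErrors mode="RemoteOnly" defaultRedirect="~/Error.htm" />

  </system.web>
</configuration>
```

Keep two copies of the file in source control, one for development and one for deployment, so that the Copy Project deployment step never picks up the debug-enabled version; the presence of debug="true" in a deployed Web.config is a simple thing to grep for in a pre-deployment check.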