|Important||This document may not represent best practices for current development, links to downloads and other resources may no longer be valid. Current recommended version can be found here.|
Security and Visual Basic Development
Visual Basic developers need to address key security issues as they begin working with the .NET Framework. This overview discusses both Windows and Web applications, and the implementation, debugging, and deployment phases of development.
Visual Studio provides you with control over the security of running applications. While you have control with the .NET Framework, that control requires that you think about your programming with an eye on security. There are security issues that you need to address to create friendly and usable applications for your users.
There are three common situations where you will need to address security concerns:
Permissions: The user running your application may deny privileges to your application. Such a situation can happen because your application is running from a location that the user has specified not to be allowed access to some system resources. For example, the user can configure the common language runtime to deny file privileges to any application that is stored on a network drive. You need to be aware of this in your work, and you should write code that responds gracefully to denials. For more information, see Security Policy.
Web Applications: Users accessing your Web applications from your Web servers need to be prevented from running malicious code or corrupting data on your servers. For more information, see Securing ASP.NET Web Sites.
Setup of Visual Studio: The way you set up Visual Studio can leave your server more or less at risk from attacks by malicious code. For more information, see User Rights and Visual Studio.
Securing resources is a process that spans several technologies and the entire development cycle. Through careful design, implementation, testing, and deployment of applications, you can create very secure applications. Security technologies, provided by ASP.NET, the operating system, and Web browsers are available to secure your applications.
For more information, see Security in Visual Studio.