.net com interop security RRS feed

  • Question

  • Hello

    As a very newb to security issues, I'm looking for some clue about security model/issues/privileges/solutions/attributes/... of .net com interop. Something like starting point article, code samples and ... 

    I have third party com servers that I'm not sure other than their stated functionality, what else they may do. I want to restrict its access to whatever unnecessary like creating files, starting new com sessions, ....

    A special important question: is is possible to start a com server as another user with restricted rights?

    Could anybody please help?

    Friday, January 3, 2014 3:11 PM


All replies

  • Hoped to receive any feedback or at least somebody please tell me the correct place to ask if this is not the proper forum.
    Saturday, January 4, 2014 6:11 PM
  • Hi Alireza,

    NET Framework provides a simple way to ensure system security. See more information about CAS.

    See Code Access Permissions with CLR COM Interop.

    Hope useful to you.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, January 6, 2014 3:35 AM
  • I'm studying interoppermission class... Thanks for the answer.
    Monday, January 6, 2014 5:30 PM
  • Hello

    Your references are helpful but I think I need to revise my question.

    What I exactly want to do is using some third party spread sheets with macros. I wanted to restrict these macros from treating the system while the macros are enabled.

    We may use excel or openoffice for running workbooks.

    I see these code access security rules work on dlls, I think excel or open office start as stand alone servers. then I'm not sure if vba macros even follow the same access level of excel or not.

    May you have a better suggestion?


    Sunday, January 12, 2014 10:50 AM
  • Code Access Security won't help here.  The COM servers will be running native code, and so will always run in "Full Trust" mode, which means that they are running with the full permissions of the Windows user who started the process.

    To control security, then, you need to run the code using a low-privilege account.  All code running in the desktop, or any process started by that account will be limited by the permissions settings you configure.



    Sunday, January 12, 2014 2:56 PM