locked
VSX-2010 and ProjectNode.IsProjectSecure() RRS feed

  • Question

  • Environment:  isolated shell using the MPF, VSX-2008 migrating to VSX-2010

    During the migration of our system from 2008 to 2010 one of the items highlighted was that all the "project file security" was removed from ProjectNode.cs.  I faintly remember reading that there is a new technique that is handled by "the framework" (of course, I can't find that reference...). 

    Soooooo - is this removal something I can safely accept and hope that the dialogs don't have the words "VisualStudio" splashed all over them, AND that there is some sort of checking when opening project files from possibly untrusted sources?

    Additionally - I use the flag that the project was opened for browsing for my own purposes...  The project is logically read-only and I propogate that fact around to my own editors.
    Hence, I at least need that piece of information.

    As background...
    When a project file (like "foo.csproj") is loaded into the IDE, there is a check whether this project file can be trusted.  This is the source of the dialog with options like "load for browsing only" and such.
    All this was in a set of routines on the ProjectNode, named "IsProjectSecure()", "CheckProjectForSecurity()", etc.

    In VSX-2008 all this logic was available for overloading, however in VSX-2010 this was removed.

    Thanks,
    Reed Shilts

     

    Thursday, August 5, 2010 2:27 PM

Answers

  • Hi Reed,

    I have some email out asking about the changes. From what I could gather glancing at the sources, it does look like the shell itself makes this check now, and we no longer offer the ability to load the project in a browse/read-only mode. I'll pass along the details as I get them.

    Concerning the security dialog that pops up though, it looks like we pull the application name from IVsUIShell::GetAppName, so it should properly reference the app name you set for the isolated shell.

    Sincerely,


    Ed Dore
    Wednesday, August 25, 2010 10:19 PM
  • Hi Reed,

    Did a little more digging and also got some additional info from the Shell team concerning this change.  The browse/read-only mode in the earlier MPF project source was removed because it was flawed. In VS 2010, the shell automatically checks the path/url of the project file being loaded, and if the path/url is outside the 'local computer' zone, we pop a warning dialog giving the user the opportunity to cancel loading the project.

    Right now there's a bug in the shell where we don't check the flag set by the "Warn user when the project location is not trusted" in the Tools.Options dialog ("Projects and Solutions" category). So if you uncheck this flag, you'll still see the dialog.

    If you choose to load the project, we store this info in the SUO, and we skip this dialog on subsequent loads (based on the flag persisted in the SUO file. If you delete the .SUO file, you'll get the security dialog again.

    If you're building your own project type, you can avoid the security check by adding/setting a REG_DWORD DisableProjectSecurityCheck value under your project types registry key HKLM\Software\Microsoft\VisualStudio\10.0\Projects\{projguid} to 1.

    Sincerely,

    Sincerely,


    Ed Dore
    Thursday, August 26, 2010 6:05 PM

All replies

  • Hi Reed,

    I have some email out asking about the changes. From what I could gather glancing at the sources, it does look like the shell itself makes this check now, and we no longer offer the ability to load the project in a browse/read-only mode. I'll pass along the details as I get them.

    Concerning the security dialog that pops up though, it looks like we pull the application name from IVsUIShell::GetAppName, so it should properly reference the app name you set for the isolated shell.

    Sincerely,


    Ed Dore
    Wednesday, August 25, 2010 10:19 PM
  • Hi Reed,

    Did a little more digging and also got some additional info from the Shell team concerning this change.  The browse/read-only mode in the earlier MPF project source was removed because it was flawed. In VS 2010, the shell automatically checks the path/url of the project file being loaded, and if the path/url is outside the 'local computer' zone, we pop a warning dialog giving the user the opportunity to cancel loading the project.

    Right now there's a bug in the shell where we don't check the flag set by the "Warn user when the project location is not trusted" in the Tools.Options dialog ("Projects and Solutions" category). So if you uncheck this flag, you'll still see the dialog.

    If you choose to load the project, we store this info in the SUO, and we skip this dialog on subsequent loads (based on the flag persisted in the SUO file. If you delete the .SUO file, you'll get the security dialog again.

    If you're building your own project type, you can avoid the security check by adding/setting a REG_DWORD DisableProjectSecurityCheck value under your project types registry key HKLM\Software\Microsoft\VisualStudio\10.0\Projects\{projguid} to 1.

    Sincerely,

    Sincerely,


    Ed Dore
    Thursday, August 26, 2010 6:05 PM