Pros/Cons of having users Trust the VBA Project

[Barb Reinhardt]

What are the Pros/Cons of having users select Trust the VBA Project?

Thanks,
Barb Reinhardt

 

[JLGWhiz]

If they want to run macros in VBA then they have to check the box. If they
never intend to use VBA then they don't need to check the box. Pro they can
use it. Con they can't.

 

[Dave Peterson]

That's not right.

Trust to the VBA Project allows the user to run programs that would
add/delete/change/read code. It's got nothing to do with the user running
macros.

 

[JLGWhiz]

I got cut off by an automatic download.

Anyhow, I don't believe it affects the performance of Excel one way or the
other if the box is checked and the user never opens the VBE. But if they
want to use the VBE, or load a macro from some where else, they would need
access to VBA.

I have not experimented with it, but I would assume that they could load a
workbook from another source that contained VBA procedures and the proceures
would run, even if they did not have the box checked. They would probably
not be able to access the code until they checked the button. I'll have to
verify that.

 

[JLGWhiz]

Hi Dave, I may not have chosen my words very well it the first posting.
Since I have always had my access to VBA turned on, I have not thought much
about what life would be like without it. But, I do remember when I first
fired up my xl2003, it was not on and I could not open the VBE until I
checked the box. However, it makes sense the macros will run without the box
being checked, but the only way I can think of that they would be available
to run is from a downloaded or imported workbook that already contained the
macro. If that is not the case, I would appreciate some enlightenment.

 

[Dave Peterson]

Try a test.

Turn off that option. Create a workbook with a simple macro. Save the workbook
and close and reopen excel and that workbook.

Your macro will run ok--well, unless your simple macro tries to do something
that accesses a project.

And I'm guessing that you have a shortcut key (not built into excel) that would
open the VBE. And that stopped you from getting to the VBE to create/edit
macros.

I'm not sure why you're writing about downloaded or imported workbooks. The
workbooks could contain macros that you developed and saved.

 

[Peter T]

That application level setting allows code, from virtually any source, to
read/write a workbook's VBProject, its modules and code etc.

In theory if the box is checked all projects, whether or not they even
contain any code, are vulnerable to malicious attack (ie code changes, if
the project is not locked). Having said that I have never heard of such an
attack being reported, has anyone - that's a genuine question. Neither have
I ever heard of a virus type xls file being distributed in say an email
since pre xl97 (unlike numerous bad doc attachments).

In theory you could be held responsible for advising a user to allow access,
though I think the risk to the user and in turn you is very small. Where
possible though, best to find ways of avoiding the need to access the
project. I recall you posted a question which required access and I gave you
an easy workaround which didn't. Unless you have some other reason why not
simply go with that.

Regards,
Peter T

 

[JLGWhiz]

Well, that blew my whole concept of what that check box controlled. Thanks
for the wake up.