C
chriscap
I am writing a service that picks up spreadsheets from an FTP drop location
uploaded by customers. I am leary of security problems because a customer
could unknowingly upload a spreadsheet with some malicious VBA. I am using
excel interop to open the spreadsheets via C#. Macro security will be set to
high, but I am wondering if this is enough. The customer is not willing to
sign their documents with a certificate.
Does anyone have any further suggestions for securely opening the
spreadsheet. I was thinking of decorating the asssembly or certain methods
with extra code access security declarations, but I'm not sure where to
start. It is important for this to be secure because the next request is to
allow sending spreadsheets via e-mail which means there isn't even a username
/ password preventing submission.
Thanks
uploaded by customers. I am leary of security problems because a customer
could unknowingly upload a spreadsheet with some malicious VBA. I am using
excel interop to open the spreadsheets via C#. Macro security will be set to
high, but I am wondering if this is enough. The customer is not willing to
sign their documents with a certificate.
Does anyone have any further suggestions for securely opening the
spreadsheet. I was thinking of decorating the asssembly or certain methods
with extra code access security declarations, but I'm not sure where to
start. It is important for this to be secure because the next request is to
allow sending spreadsheets via e-mail which means there isn't even a username
/ password preventing submission.
Thanks