Whew, this chapter is already longer than I planned and (I fear) too complicated. In order to simplify things a bit, I include the following common security problems, with brief descriptions of how to solve them. I hope it helps!
What is partial trust?
The Excel macro security model is based on trust and known publishers. Macro code is digitally signed and that signature identifies the source (publisher) of the macro. At that point, the user makes the decision whether to trust that publisher. The inference here is that if the macro does something bad, the user will no longer trust that publisher and possibly pursue damages through the legal system.
In Excel and other applications that implement the Common Object Model (COM), trust is absolute. You either trust someone or you don’t. In fact, this isn’t a perfect system for the real world, where you might trust someone but not want to lend them your car keys, or your credit card, or your bank PIN.
There are situations where you might want to partially trust an application. Microsoft addresses this in the .NET Framework. Applications written with .NET can be granted partial trust, so they can run but not read the system registry or write to disk, for example.
There are some situations where .NET applications require full trust. For instance, a .NET application must be fully trusted in order to use Excel. You can’t use .NET to create partially trusted wrappers for COM applications.
See Chapter 5, “Program ...