[New article]: How to safely run third-party code #43966

Open
@Forgind

Description

Proposed topic or title

Executing Customer Code

Location in table of contents.

docs/core/tutorial? Not sure

Reason for the article

The easiest and most common way to hack a company is to convince someone with company credentials to do something risky. One example of that is following provided repro steps without fully understanding them, notably if they include downloading user code. This doc would provide information on how to stay safe while learning about customers' scenarios to help with their issues.

Article abstract

When customers discover issues with the .NET SDK, we often need more information to see how exactly their scenarios differ from the (presumably working) mainline scenarios. This additional information often takes the form of a 'repro' or set of steps by which we can see the error ourselves and walk through what is happening as their scenario plays out and how it ultimately diverged from our expectations.

Blindly executing unvetted customer code can be a security hazard, however, not just for the machine executing the code but for any machine on the same network and any service accessible using credentials they can access through those machines. In this way, a malicious actor can exfiltrate sensitive Microsoft data, including information about other Microsoft employees, proprietary code, or private customer data. They may even be able to take down a service or introduce further security bugs in shipping products. Indeed, the most common vector hackers use to gain access is through compromising one or more individual users with employee credentials. At Microsoft where security is paramount, we want to prevent such hacks.

This document contains recommended best practices on how to securely test users' code. They are arranged in order of security with the most secure at the top. This should also be the priority you should use to stay secure when executing code.

Relevant searches

I didn't do any searches, but I did make a PR here in the SDK repo that we'd ultimately like to bring to dotnet/docs if possible:
dotnet/sdk#45456

Metadata

Labels: ⌚ Not Triaged, discussion (indicates issues that are being discussed)