InfoPath 2003 must protect against security risks.
Using information across domains poses security risks.
InfoPath has two basic types of form template ”sandboxed form templates (URL-based forms) and fully trusted form templates (URN-based forms).
The InfoPath client makes use of the Internet Explorer approach to security. In particular, InfoPath uses Internet Explorer security zones.
The InfoPath object model has three levels of security ”level 0, level 2, and, for fully trusted forms, level 3.
Fully trusted InfoPath form templates require explicit installation on a user 's computer because of the potential damage malicious code in a form template can cause.
If you have Microsoft Visual Studio installed, you can use the RegForm.exe utility to create an .msi installer for a fully trusted form.
An alternative technique is to create a JScript installer (which isn't dependent on the presence of Visual Studio) using RegForm.exe .
InfoPath allows the digital signing of InfoPath forms.