There are two key concepts of CAS security policy- code groups and permissions. A code group contains assemblies in it in a manner that each .NET assembly is related to a particular code group and some permissions are granted to each code group. For example, using the default security policy, a control downloaded from a Web site belongs to the Zone, Internet code group, which adheres to the permissions defined by the named permission set. (Normally, the named permission set represents a very restrictive range of permissions.)
Assembly execution involves the following steps:
Evidences are gathered about assembly.
Depending on the gathered evidences, the assembly is assigned to a code group.
Security rights are allocated to the assembly, depending on the code group.
Assembly runs as per the rights assigned to it.
Assembly execution involves the following steps:
Evidences are gathered about assembly.
Depending on the gathered evidences, the assembly is assigned to a code group.
Security rights are allocated to the assembly, depending on the code group.
Assembly runs as per the rights assigned to it.
