Now that we understand evidence and how the evidence about an assembly is gathered, we can discuss security policy. Based on the evidence for an assembly, the assembly is assigned to a code group. Associated with each code group is a set of permissions that represent what code associated with that code group can do.
Security Policy Levels
Security policy is set at several levels. The permissions allowed are defined by the intersection of the policy levels. These levels are enterprise, machine, application domain, and user. If there is a conflict between permissions assigned from a particular level, the more restrictive version overrides. So, enterprise policy can override all the machines in the enterprise, and machine policy ...