Now that we understand evidence and how the evidence about an assembly is gathered, we can discuss security policy. Based on the evidence for an assembly, the assembly is assigned to a code group. Associated with each code group is a set of permissions that represent what code associated with that code group can do.
Security Policy Levels
Security policy is set at several levels. The permissions allowed are defined by the intersection of the policy levels. These levels are enterprise, machine, application domain, and user. If there is a conflict between permissions assigned from a particular level, the more restrictive version overrides. So, enterprise policy can override all the machines in the enterprise, and machine policy ...
Get Application Development Using Visual Basic® and .NET now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.