Application domains are the CLR's unit of processing and security policy enforcement. They also provide for isolation between applications. Application domains are lightweight enough that many can run in a single Win32 process.
It's not uncommon for runtime environments to provide application isolation. Applications need protection from faults that may occur in other applications. Applications often need to be independently stopped and debugged as well. This type of isolation also prevents code in one application from accessing code in another application. In other words, isolation protects against possible security holes.
In most contemporary operating systems, isolation is achieved by using process boundaries. Typically, ...