code-access-security

I would like to run exes and Windows Services in Medium Trust, but all the literature I can find suggests using <system.web> <trust level="Medium"/> </system.web> for ASP.NET, so I have tried that but using code from How do you check if you are running in Medium Trust environment in .NET? it still appears to have full trust. What is the correct way to do this? The available approaches depend on the .NET version. Prior to .NET 4.0, the CLR enforced CAS policy, which made it possible to restrict permissions for any assembly. However, as of .NET 4.0, the CLR no longer applied CAS policy unless

I received the following compilation warning as a error while upgrading some ASP.NET code from .NET 3.5: 'System.Security.Permissions.SecurityAction.RequestMinimum' is obsolete. The attribute has bee applied on the assebly level: [assembly: System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityAction.RequestMinimum, Execution=true)] Also the code makes use of the P&P Web Client Software Factory, specificly the ObjectBuilder.WCSFExtensions library. Also it the code is providing some role provider implementations. Keep in mind this code is used as Framework code in

I have an application in .NET 4 that uses MEF for extensibility. My main application has three assemblies: Host , Application and Contracts . Host is the "boot-strapping" executable that creates the container and does the composition. Application contains the logic of my application, and more extension points for 3rd parties. Contracts contains the interfaces (and some helper classes) that are used in the extension points. Therefore, someone developing a 3rd party application has to include a reference to Contracts , but not to Application . I'm thinking that my security model should look like

see also Is “Code Access Security” of any real world use? I want to get some other opinions on this... I like the idea of Code Access Security for desktop applications. But in the lifetime of .NET I have to admit I've never actually had a situation where CAS has actually blocked something to my benefit. I have, however, had many times where something as simple as sharing a quick .NET application across a mapped drive becomes an enterprise code access nightmare. Having to break out caspol.exe to create trusted path rules and having no clear way of knowing why something failed makes it seem like

I have a powershell script that I am trying to execute from WCF REST service.I am using the System.Management.Automation and System.Management.Automation.Runspaces assemblies. The C# code looks like this: Command command = new Command(path); command.Parameters.Add(param); RunspaceConfiguration runspaceConfiguration = RunspaceConfiguration.Create(); using (Runspace runspace = RunspaceFactory.CreateRunspace(runspaceConfiguration)) { runspace.Open(); ... other code } This error happens here once I try to execute the open statement: Dynamic operations can only be performed in homogenous AppDomain.