Configuring Security Policy

Security is an important consideration when building applications. The common language runtime grants varying levels of trust to code based on certain attributes, called evidence, that the code possesses. When the runtime establishes that code has a certain level of trust, it allows the code to access protected resources appropriate to that level of trust. For example, by default, a .NET Framework application that runs from the Internet does not have the same level of trust as a .NET Framework application that runs from the local computer. An application running from the local computer can access resources such as the file system, but an application running from the Internet cannot.

The default security policy provides adequate security for your computer, and you should change it only when necessary. Before configuring security policy, you should become familiar with the concepts described in Security Policy Management. Use the .NET Framework Configuration tool (Mscorcfg.msc) to change security policy. If you want to write a batch script to configure security policy, use the Code Access Security Policy tool (Caspol.exe).

In This Section

• Configuring Security Policy Using the .NET Framework Configuration Tool (Mscorcfg.msc)
  Describes how to add and change code groups and permission sets, and perform other security policy tasks using the .NET Framework Configuration tool.

• Configuring Security Policy Using the Code Access Security Policy Tool (Caspol.exe)
  Describes how to add, change, and remove code groups and permission sets using Caspol.exe.

• Importing Security Components Using XML Files
  Describes how to make security policy aware of code groups and permission sets that do not come with the Windows Software Development Kit (SDK).

Related Sections

• Security Policy Management
  Describes the .NET Framework security policy model.

• .NET Framework Configuration Tool (Mscorcfg.msc)
  Describes how to run the .NET Framework Configuration tool.