RequestOptional Removes Permissions
Another interesting question arose today. An assembly was granted FullTrust by policy, which was confirmed by CasPol. Yet it was being prevented from calling code in non-APTCA assemblies. Turns out that the code in question had an assembly level RequestOptional. Remember from our discussion of Assembly Level Declarative Security that the formula for determining the maximum set of permissions that an assembly will get is:
(RequestMinimum union RequestOptional) - RequestRefuse
Since the defaults for these permission sets are:
- RequestMinimum: Nothing
- RequestOptional: FullTrust
- RequestRefuse: Nothing
The maximum set of permissions you'll receive is FullTrust:
(Nothing union FullTrust) - Nothing = FullTrust
However, that FullTrust basically derives from the fact that your optional grant set is FullTrust. As soon as you've explicitly specified a RequestOptional, that FullTrust goes away and your assembly will never be fully trusted. That means that signed, non-APTCA assemblies will no longer be callable.