CLR v4 Security Policy Roundup


Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in the v4 release of the .NET Framework.  Here’s a quick index of those topics:


Comments (3)

  1. Ian Ringrose says:

    I am just trying to relearn CAS for the 70-536 .NET Framework – Application Development Foundation Exam (I learned it to pass an exam years ago then had no use of the information.)

    I think the Security team needs to talk to the exam team to decide if CAS should be in the 70-536 exam and if so define what level of understanding is needed to pass the exam.

    I have been writing .net software (web and winforms) for many years and  have never had a need to use CAS – unlike the rest of the exam contents.

  2. Luis Abreu says:

    stupid question: what's the story regarding .NET assemblies loaded as ActiveX controls in IE? In .NET 3.5, things weren't complicated: you'd add them to the page and grant the required permissions in the CAS console. How does all this work for .NET 4.0? Any pointers? thanks.

  3. shawnfa says:

    IE hosted managed controls are not supported in .NET 4.  They will still work with .NET 3.5, and Silverlight is of course another option.