CLR v4 Security Policy Roundup


Over the last few weeks we’ve been taking a look at the updates to the CLR security policy system in the v4 release of the .NET Framework.  Here’s a quick index of those topics:


Comments (3)

  1. Ian Ringrose says:

    I am just trying to relearn CAS for the 70-536 .NET Framework – Application Development Foundation Exam (I learned it to pass an exam years ago then had no use of the information.)

    I think the Security team needs to talk to the exam team to decide if CAS should be in the 70-536 exam and if so define what level of understanding is needed to pass the exam.

    I have been writing .net software (web and winforms) for many years and  have never had a need to use CAS – unlike the rest of the exam contents.

  2. Luis Abreu says:

    stupid question: what's the story regarding .NET assemblies loaded as ActiveX controls in IE? In .NET 3.5, things weren't complicated: you'd add them to the page and grant the required permissions in the CAS console. How does all this work for .NET 4.0? Any pointers? thanks.

  3. IE hosted managed controls are not supported in .NET 4.  They will still work with .NET 3.5, and Silverlight is of course another option.