Every time I do the CAS modules in DevelopMentor’s security course, we talk about all those different kinds of Permissions and students are quite impressed about the different ways to protected their code (especially with IdentityPermissions). A few slide later comes the obligatory: “but, this only applies if you are running in partial trust”…there is really no way to protect your code from fully trusted callers, it even can result in strange problems if you are using Identity Permissions in Full Trust environments.
CAS in Whidbey has changed to reflect this:
- Identity Permissions in any state become subset of Unrestricted PermissionSet
- Set logics for IdentityPermissions changes
- LinkDemands are optimized out in FullTrust
read the full story here.