CAS-Code Access Security is a security model which grants or denies permissions to your Assemblies depending on Evidences (like from where the code comes from. Does the code come from the internet or has it comes from a valid publisher or other source.)
How CAS Works
Before executing any assembly, CAS collects the Evidence Values (publisher, source of assembly, does it have strong name) about that assembly and depending on the Evidence values, it start assigning permissions to the assembly via Permission set (Permission Set is the collection of permission).
Code Groups - Code Groups are a collection of permission that are allocated to an Assembly as per the Evidence values.
We can apply CAS on any assembly using “caspol”. To run this, go to your Visual Studio Command Prompt and run “caspol”. But because it is very difficult to work through “caspol”, we will use .NET Framework 2.0 configuration tool for CAS.
To see what kind of permissions an assembly has - right click on runtime security policy from the left hand side tree and select Evaluate Assembly…
To create a permission, set-right click on Permission Sets and add new permission set and add permissions as per you.
To change to Code Group-right, click on a particular code group and change the permission set as per your requirements.
Problems with CAS:
- Appling CAS is not an easy task
- Deployment of code requires CAS Setup again
- CAS doesn’t work on unmanaged code
