Changes in the CLR 4.0 security model

Changes in the CLR 4.0 security model

The CAS (Code Access Security) model of the .NET is changing in CRL 4.0.

in general Microsoft has obsolete many of the CAS operations, simplify the access

to security related information, and omitting the support for having

security restriction at the assembly level (security restriction will solely manage by the AppDomain sandbox).

using obsolete APIs result with warning at the compilation and exception at run-time.

in general you should be suspicious of any APIs that getting Evidence parameter (especially at the assembly level).

you can read lot more on this topic at the NET Security Blog.

Summary

if you are using CAS or considering using it, you should be aware for the changes, otherwise your

code will fail at runtime.