.NET Code Access Security: Useful or just overcomplicated?

Posted by routeNpingme on Stack Overflow See other posts from Stack Overflow or by routeNpingme
Published on 2009-06-26T03:59:28Z Indexed on 2010/03/23 16:03 UTC
Read the original article Hit count: 516

Filed under:
|
|
|

see also Is “Code Access Security” of any real world use?

I want to get some other opinions on this...

I like the idea of Code Access Security for desktop applications. But in the lifetime of .NET I have to admit I've never actually had a situation where CAS has actually blocked something to my benefit.

I have, however, had many times where something as simple as sharing a quick .NET application across a mapped drive becomes an enterprise code access nightmare. Having to break out caspol.exe to create trusted path rules and having no clear way of knowing why something failed makes it seem like CAS adds way more frustration to the development and deployment process than it offers in security.

I'd like to hear either some situations where CAS has actually helped more than hurt, or if there are other people out there frustrated with its current implementation and defaults.

© Stack Overflow or respective owner

Related posts about .NET

Related posts about cas