Don’t break that sandbox
- by Sahil Malik
SharePoint 2010 Training: more information
Hmm .. I hear that some soldiers are spreading rumors that it is OKAY to edit the WSS_Sandbox trust level inside of SharePoint. Afterall, it is just .NET code right? And it’s just a CAS policy, so why not make that tempting little tweet, and well – all I wanna do is call web services! Ummmm .. DON’T DO IT! Yes I know it’s just .NET code! But Microsoft has spent a great deal of time, resources, and thoughts in crafting up the boundary of what a sandbox solution can do, and what it cannot do. Soon as you make that tiny little tweak to allow calling web services, you just opened a bunch of security holes in your SharePoint installation. Not to mention, you broke the first cardinal rule of your SharePoint solutions, which is, “No Microsoft files were hurt in the building of this solution”
Read full article ....