Permission Grants
The common language runtime grants permissions to both application domains and assemblies. The permission-granting process can involve one or both of the following steps:
Compute the allowed permission set.
At load time, the runtime determines the set of permissions that each policy level allows the code to have.
The runtime then intersects the allowed permission sets for each relevant policy level, resulting in one set of allowed permissions for the application domain or assembly.
Determine the granted permissions.
The runtime compares the final set of allowed permissions with the permissions that the assembly requests, which results in a set of permissions that is granted to the assembly. This step does not apply to permission grants for application domains.