This documentation is archived and is not being maintained.

.NET Framework Security Policy

Security policy is the configurable set of rules that the common language runtime follows when it decides what it will allow code to do. Administrators set security policy and the runtime enforces it. The runtime helps ensure that code can access only the resources and call only the code allowed by security policy.


In the .NET Framework version 4, the common language runtime (CLR) is moving away from providing security policy for computers. For more information, see Security Changes in the .NET Framework 4.

Whenever an attempt is made to load an assembly, the runtime uses security policy to determine which permissions to grant to the assembly. After examining information, called evidence, that describes the identity of the assembly, the runtime uses security policy to decide how much the code is trusted and, therefore, what permissions to grant to that assembly. Evidence includes, but is not limited to, the code's publisher, its site, and its zone. Security policy also determines which permissions to grant to application domains.