NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Updating policy

Finally, to grant code the new permission, policy must be updated. First create a named permission set for the permission you want to grant. To do this write the XML representation of the permission, and give it a name.

caspol –addpset  file.xml  name

Next, change or add a code group consisting of the set of code you want to grant the permission to.

One restriction applies to the code assembly of the new permission object: you cannot grant the permission to the code that implements it. For example, the code assembly that implements SamplePermission may only belong to code groups in security policy that assign permission sets that do not include the SamplePermission permission (in any form). This restriction results from implementation issues of the runtime security system, however there is no practical value since a permission can’t really “enforce security” on itself – if the developer of the code is malicious it is certainly a simple matter to bypass any kind of security in code they already control.

For details, refer to the Security Administration documentation.