Code with no special level of trust (perhaps code downloaded from the Internet) is allowed to invoke anything it would have been able to invoke in an early bound way.
In short, this means:
Notice that untrusted code cannot access nonpublic members (even of its own class) through the Get methods on type (GetMembers, GetMethods, and so on) or the Get methods on Assembly and Module. However, untrusted code can access nonpublic types and members using:
Even though private members of a class may be exposed, they cannot be executed unless the access rules allow it.
These rules apply to:
Untrusted code can discover which module and assembly the code is in (as that is part of the code’s identity) but the code cannot discover which other types belong to the code’s module, or which other modules belong to the code’s assembly. This rule applies to: Assembly.Module, Assembly.GetType, Module.GetTypes, Module.FindTypes, Module.GetMethods, Module.GetType.