For the runtime to successfully enforce security restrictions on managed code, it must be able to reliably determine all the callers in the call stack so that it can examine their permissions. If the runtime did not have this ability, managed code would be vulnerable to luring attacks, where a less trusted caller could use more highly trusted code to perform malicious actions. The runtime can reliably locate all the callers in the call stack when managed code is type-safe, which means that the code accesses types only in well-defined, allowable ways.
To ensure that the requirement for type-safety is met, IL code and metadata are examined as part of the JIT compilation process to see whether the code can be determined to be type-safe. For more detailed information about verification of type-safety, see JIT Compilation.