Security policy consists of the following policy levels: machine, user, and application domain policy. Machine policy is always present by default, but the other two levels of policy do not exist unless they have been specified.
The following table describes the three policy types:
Policy type | Specified by | Applies to |
---|---|---|
Machine policy | Administrator | All managed code on the computer. |
User policy | Administrator or user | Code in all of the processes associated with the current operating system user when the runtime starts up. |
Application domain policy | Application domain host code | All managed code in the host’s application domain. |
Each policy level has its own hierarchy of code groups that provides the framework for establishing and configuring security policy. Every code group by definition is associated with a named permission set, which specifies the permissions that the runtime will allow code in that code group to have. The evidence provided by a trusted host or by the loader enables the runtime to determine which code groups the code is a member of, and therefore which permissions the policy allows the code to have.
The set of permissions granted to an assembly is determined when the assembly is loaded. At load time, the runtime examines evidence describing the assembly's identity and uses that information to determine which permissions policy allows the assembly to have. The requirements of all existing policy levels (machine, user, and application domain) are taken into account, along with the requested permissions of the assembly, when the runtime grants permissions to assemblies. Application domains are also granted permissions by the runtime, but only the machine policy and, optionally, the user policy are used to determine the granted permissions for application domains. For more details about how the runtime decides which permissions to grant, see Permission Grants.
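The following Python model is an added illustration, not runtime or product code. It assumes the usual combination rule (the union of matching code groups within a level, then the intersection across levels) and leaves out the assembly's requested permissions. The permission names, code groups, and evidence values are constructed for the example.

```python
from dataclasses import dataclass, field

# Constructed named permission sets; the names are illustrative only.
PERMISSION_SETS = {
    "Nothing": frozenset(),
    "WebOnly": frozenset({"Execution", "WebAccess"}),
    "LocalTools": frozenset({"Execution", "FileRead", "UI"}),
    "Everything": frozenset({"Execution", "FileRead", "FileWrite", "UI", "WebAccess"}),
}

@dataclass
class CodeGroup:
    name: str
    is_member: object          # callable: evidence dict -> bool
    permission_set: str        # key into PERMISSION_SETS
    children: list = field(default_factory=list)

    def resolve(self, evidence):
        """Union of the permission sets of every matching group in this subtree."""
        if not self.is_member(evidence):
            return frozenset()  # children are examined only when the parent matches
        granted = PERMISSION_SETS[self.permission_set]
        for child in self.children:
            granted |= child.resolve(evidence)
        return granted

def resolve_policy(levels, evidence, for_app_domain=False):
    """Intersect per-level grants. Machine policy must exist; other levels are optional."""
    grant = levels["machine"].resolve(evidence)
    optional = ("user",) if for_app_domain else ("user", "appdomain")
    for name in optional:
        if name in levels:      # a level that was never specified imposes no limit
            grant &= levels[name].resolve(evidence)
    return grant

def all_code(_evidence):
    return True

# Constructed policy: three levels, each with its own code group hierarchy.
LEVELS = {
    "machine": CodeGroup("All_Code", all_code, "Nothing", [
        CodeGroup("Local", lambda e: e.get("zone") == "MyComputer", "Everything"),
        CodeGroup("Internet", lambda e: e.get("zone") == "Internet", "WebOnly"),
    ]),
    "user": CodeGroup("All_Code", all_code, "LocalTools"),
    "appdomain": CodeGroup("All_Code", all_code, "Nothing", [
        CodeGroup("Contoso", lambda e: e.get("publisher") == "Contoso", "WebOnly"),
    ]),
}
```

In this model a permission reaches an assembly only if every specified level allows it, so a restrictive user or application domain policy can narrow what machine policy grants but never widen it.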