The Code Access Security Policy Tool (Caspol.exe) enables administrators to modify security policy for the machine policy level, the user policy level, and the enterprise policy level. The tool is a console-based application that can be used by typing in parameters or to process batch file security changes.
Three security configuration files correspond to the three policy levels supported by Caspol.exe: one for the machine policy, one for a given user’s policy, and one for the enterprise policy. These are the only files affected when using the Code Access Security Policy Tool.
Changes made using the Code Access Security Policy Tool affect only the configuration files of the runtime version that Caspol.exe was installed with. If you run the Caspol.exe that was installed with version X of the runtime, the changes apply only to that version of the runtime. Other concurrent (side-by-side) installations of the runtime, if any, are not affected. If you run Caspol.exe from the command line without being in a versioned runtime directory, the tool is executed from the first runtime directory in the path (which is usually the most recent runtime version installed).
See the following topics in the .NET Framework SDK documentation: Configuring Security Policy Using the .NET Framework Configuration Tool (Mscorcfg.msc), Code Access Security Policy tool (Caspol.exe).