Several security and assembly binding settings found in configuration files can be set using the .NET Framework Configuration tool (Mscorcfg.msc). This Microsoft Management Console (MMC) plug-in can be found by clicking Start, pointing to Administrative Tools, then selecting Microsoft .NET Framework Configuration.
The recommended way to configure security policy is to use the .NET Framework Configuration tool. The following table describes the tasks you can perform with.NET Framework Configuration tool.
| Task | Description |
|---|---|
| New | Create a new security policy file. Use this option to create and deploy new policy level files without affecting policy on the current computer. |
| Open | Open a policy level. Use this option to open security policy files you created using the New option. |
| Reset All | Reset all policy levels to the default. |
| Adjust Security | Adjust the security level for each zone. |
| Evaluate Assembly | View the permissions granted to an assembly or the code groups that grant permissions to an assembly. |
| Trust Assembly | Assign a level of trust to an assembly. |
| Create a Deployment Package | Create and deploy security policy across a network. |
The .NET Framework Configuration tool provides several wizards to help you safely adjust your user, machine, and enterprise security settings. The following table describes these wizards.
| Wizard | Description |
|---|---|
| Trust an Application | Use this wizard to identify an application by publisher or strong name information and increase the application's level of trust. |
| Adjust Security Settings | Use this wizard to increase or decrease permissions to assemblies originating from one of the following zones: My Computer, Local Intranet, Internet, Trusted Sites, or Untrusted Sites. |
| Create a Deployment Package | Use this wizard to create a Windows Installer package to deploy security policy across an enterprise. |
If the wizards do not provide the functionality you require to administer security policy, you can edit the permission sets and code groups directly by using either the .NET Framework Configuration tool or the Code Access Security Policy Tool (Caspol.exe). Caspol.exe is a command-line tool provided mainly for scripting security administration.
See the following topics in the .NET Framework SDK documentation: Security Policy Configuration, Configuring Security Policy Using the .NET Framework Configuration Tool (Mscorcfg.msc), Code Access Security Policy tool (Caspol.exe).