2

I am thinking about taking the 70-536 exam, and there is all this stuff about CAS and caspol and stuff.

Has anyone out there actually taken the time to use CAS either Decoratively or Imperatively?

I can see where it would be useful to have a basic understanding of CAS Codegroups, permission sets and what not, but i can't fathom a real scenario where I would ever actually want to use it?

I understand what the SecurityAction Demand and LinkDemand do, i just can't imagine actually using them. The only scenario that comes to mind would if i had a strongly named assembly that would run from the internet with elevated privileges and for some reason i wanted to make sure that anybody calling my assemblies also had appropriate permissions... but when does that really happen?

I only do Winforms development, perhaps in web apps this a greater concern that people often need to address?

Perhaps I am not security minded enough, lol.

Again, i'm not looking for links to microsoft documentation :) i'm looking for realworld examples where people use this stuff.

thanks

jonchicoine
  • 510
  • 3
  • 14

2 Answers2

1

Read this: http://blogs.msdn.com/b/shawnfa/archive/2010/02/24/so-is-cas-dead-in-net-4-or-what.aspx

.NET 4 provides completely new security model, so you would better invest your knowledge in it: http://weblogs.asp.net/hernandl/archive/2009/05/22/new-net-4-0-security-changes.aspx

QrystaL
  • 4,886
  • 2
  • 24
  • 28
  • Not really what i was looking for, but interesting links. I think CAS stuff should be removed from the exam. I'm not gonna waste my time learning something i'll never need. – jonchicoine May 18 '11 at 12:35
0

Any scenario, where you have untrusted code you need to run. Plugins for windows application is one example.

Loki Kriasus
  • 1,282
  • 10
  • 22