see also Is “Code Access Security” of any real world use?
I want to get some other opinions on this...
I like the idea of Code Access Security for desktop applications. But in the lifetime of .NET I have to admit I've never actually had a situation where CAS has actually blocked something to my benefit.
I have, however, had many times where something as simple as sharing a quick .NET application across a mapped drive becomes an enterprise code access nightmare. Having to break out caspol.exe to create trusted path rules and having no clear way of knowing why something failed makes it seem like CAS adds way more frustration to the development and deployment process than it offers in security.
I'd like to hear either some situations where CAS has actually helped more than hurt, or if there are other people out there frustrated with its current implementation and defaults.