This is what I have done to automate the deployment of CAS policies of my WebPart:
Inside my .wsp file, I have a Manifest.xml file with this content:
<?xml version="1.0" encoding="utf-8" ?>
<Solution SolutionId="0C006FE3-919D-4a2a-9CF0-FEA66A0A91E4" xmlns="http://schemas.microsoft.com/sharepoint/" >
<Assemblies>
<Assembly Location="MyWebPart.dll" DeploymentTarget="WebApplication">
<ClassResources>
<ClassResource Location="MyWebpart_log.config" />
<ClassResource Location="combo.css" />
<ClassResource Location="combo.js" />
<ClassResource Location="img/arrow.png" />
<ClassResource Location="img/coordination.gif" />
<ClassResource Location="img/dt-arrow-dn.png" />
<ClassResource Location="img/dt-arrow-up.png" />
<ClassResource Location="img/loading.gif" />
<ClassResource Location="img/menu-button-arrow.png" />
<ClassResource Location="img/spinner.gif" />
<ClassResource Location="img/split-button-arrow.png" />
<ClassResource Location="img/sprite.png" />
</ClassResources>
<SafeControls>
<SafeControl Assembly="MyWebPart, Version=1.0.0.0, Culture=neutral, PublicKeyToken=017e953639e07a31"
Namespace="MyWebPart" TypeName="*" Safe="True" />
</SafeControls>
</Assembly>
<Assembly Location="log4net.dll" DeploymentTarget="WebApplication">
<SafeControls>
<SafeControl Assembly="log4net, Version=1.2.10.0, Culture=neutral, PublicKeyToken=1b44e1d426115821"
Namespace="MyWebPart" TypeName="*" Safe="True" />
</SafeControls>
</Assembly>
</Assemblies>
<CodeAccessSecurity>
<PolicyItem>
<PermissionSet class="NamedPermissionSet" version="1" Name="MyWebPartPermissionSet"
Description="Permission set for My Web Part">
<IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
<IPermission class="System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Unrestricted="true" />
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Execution" />
<IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" />
<IPermission class="Microsoft.SharePoint.Security.WebPartPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
version="1" Connections="True" />
<IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1">
<ConnectAccess>
<URI uri=".*"/>
</ConnectAccess>
</IPermission>
</PermissionSet>
<Assemblies>
<Assembly Name="MyWebPart" />
</Assemblies>
</PolicyItem>
<PolicyItem>
<PermissionSet class="NamedPermissionSet" version="1" Name="Log4NetForMyWebPart"
Description="Permission set for Log4Net (logging library used by the My Web Part">
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="Execution" />
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
version="1" Read="$AppDir$" Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
</PermissionSet>
<Assemblies>
<Assembly Name="log4net" />
</Assemblies>
</PolicyItem>
</CodeAccessSecurity>
</Solution>
You will have to dig into the MS documentation for the Permissions you need because it took me a while to figure out which ones I need.
The .wsp file was created with the command:
cabarc -r -p N ..\MyWebPart-1.0.0.wsp *
(I downloaded cabarc from the Microsoft website, but I don't remember exactly where)
To deploy the Web Part solution into SharePoint I use these commands:
cd C:\Program Files\Common Files\Microsoft Shared\web server extensions\12\bin
stsadm.exe -o addsolution -filename MyWebPart-1.0.0.wsp
stsadm.exe -o deploysolution -name MyWebPart-1.0.0.wsp -immediate -allcontenturls -allowCasPolicies
stsadm.exe -o execadmsvcjobs
The allowCasPolicies parameter is necessary because the solution contains CAS policies. Without it, they will not be added to the web.config file of SharePoint.