On Fri, Jul 10, 2009 at 10:44 AM, Dino Viehland<di...@microsoft.com> wrote: > The big problem w/ installing into the GAC from our perspective is that > assemblies in the GAC are fully trusted and can be loaded by anyone. > Combine this w/ the AllowPartiallyTrustedCallers attribute which we apply to > our assemblies and you potentially have a recipe for disaster. In theory we > believe this is ok because we’re also SecurityTransparent but we haven’t had > the deeper conversion w/ the CLR team about combining all 3 of these so we > continue to be conservative and not install into the GAC.
For the sake of simplifying the NWSGI usage instructions (or: think of the children!), please reconsider :). > > We should probably look into removing APTCA though – the reason why we > applied it in the 1.x time frame was due to a performance problem w/ signed > non-APTCA assemblies which may now be fixed in the CLR. How would this affect partially-trusted applications? IIRC any assemblies they reference must have APTCA. This is quite important for web applications as they are often hosted in medium trust. - Jeff _______________________________________________ Users mailing list Users@lists.ironpython.com http://lists.ironpython.com/listinfo.cgi/users-ironpython.com
