Deployment in the Real World

Are you leery of downloading an application from the Internet and running it on your computer? You should be. Most applications or components you download from the Internet and run on your computer can do whatever you as a logged-on user can do, such as delete whatever files you are able to delete. You have little protection if the application (intentionally or unintentionally) misbehaves. Even if you download and install a .NET application by means of a setup program—the .NET application will be granted full trust in this case—you will be afforded little protection if the application misbehaves. Your main source of protection lies in the intent and ability of the software to do nothing destructive. Deployment techniques such as Authenticode signing and strong-name signing provide reassurance that the software you download is indeed from the named publisher and that the software has not been tampered with. However, these deployment techniques provide no control—such as code-access security restraints—to protect the software from performing destructive actions. Your recourse if the software misbehaves is to seek reparations from the software publisher.

As deployment techniques such as no-touch deployment (introduced by Microsoft .NET) become widely adopted, the applications and components you download and run will be protected by the .NET code-access security system. If the application or component steps out of line, the .NET code-access security system is there to prevent it from doing anything destructive. Unless you are running a .NET application or component installed by means of no-touch deployment (or some other installation mechanism where the .NET Framework is aware that the software came from an untrusted location), be leery of the application or component you download, install, and run.