Current Microsoft Info about CAS and Full Trust

Current Microsoft info about CAS and Full Trust

Follwing this comment in What are the 'Real World' security advantages of the .Net Framework and the JVM? "... We are still talking about the basics! Microsoft is yet still to publicly acknowledge that is a MASSIVE PROBLEM the fact that 99% of .Net applications are designed for, and executed in Full Trust!.."

Here is what is currently publicly published from MS about Full Trust and Partial Trust (and it's dangers):
 * Chapter 9 – Using Code Access Security with ASP.NET
 * Secure Coding Guidelines for the .NET Framework
 * How To: Use Medium Trust in ASP.NET 2.0
 * How To: Use Code Access Security in ASP.NET 2.0

See also A Treasure Trove of .NET 2.0 Security Guidance & Documentation from the ThreatsAndCountermeasures Website and the .Net Framwork Blog (by Shawn Farkas) and the patterns & practices Security Wiki

Until this issue is on https://www.microsoft.com/security I still stand by my original quote

Originally Posted on 11/3/2005