All managed code is subject to code access security permission demands. Many of the issues are only apparent when your code is used in a partial trust environment, when either your code or the calling code is not granted full trust by code access security policy.
For more information about the issues raised in this section, see Chapter 8.
Use the following review points to check that you are using code access security appropriately and safely:
Do you support partial-trust callers?
Do you restrict access to public types and members?
Do you use declarative security?
Do you call Assert?
Do you use permission demands when you should?
Do you use link demands?
Do you use Deny or PermitOnly?
Do you use particularly dangerous permissions?