我遇到code访问安全性往往在现实世界，往往当我最不希望的。而且在某种程度上，Silverlight的将是它的一个优秀的现实世界的应用程序，如果不是那SilverLight的的 选择不聘请中科院的都在最后。

I encounter code access security quite often in the "real world", often when I least expect it. And in a way, SilverLight would be an excellent real-world application of it, were it not that SilverLight chose not to employ CAS at all in the end.

在这里你看到它在行动的地方就是需要一个安全的环境：ASP.NET，当然本身，而是ASP.NET主机提供商使用的修改的安全模型的以prevent入侵在他们的precious系统。我知道对于Webhost4Life使用这个事实（在其网站上关于它的任何信息，但我已经与他们合作过，它的存在，真的）。进一步看，其他ASP.NET主机服务商做同样的，但他们不是很清楚，要么：的在godaddy.com线程不的希望（什么是支持的，哪些不是，也没有清晰），以改变或CAS的在1和此相关的讨论; 1 。有些云托管网站（rackspacecloud）把它远一点和与微软合作的修改完全信任级别的任何可能。

The places where you see it in action is where a secured environment is needed: ASP.NET itself of course, but ASP.NET hosting providers use a modified security model to prevent intrusion in their precious systems. I know for a fact that Webhost4Life uses this (no information on their site about it, but I've worked with them, it's there, really). Looking further, other ASP.NET hosting providers do the same, but they are not very clear about it either: thread on godaddy.com not wanting to change the CAS (and no clarity what's supported and what not) or this related discussion on 1&1. Some cloud hosting sites (rackspacecloud) took it a bit further and "worked with Microsoft for a modified full trust level" whatever that may be.

总之：如果你发现一个ASP.NET主机，他们很有可能已经使用中科院prevent你做的事情，他们不希望你做的事。他们甚至可以用它使基本（很多限制）之间的差异托管和企业（限制较少）的主机赋予完全是另外一个意思CAS。

In short: if you find an ASP.NET host, most likely they've used CAS to prevent you from doing things they don't want you to do. They can even use it make difference between "basic" (many restrictions) hosting and "enterprise" (few restrictions) hosting which gives a whole other meaning to CAS.

这么多，我遇到了我一些真实世界的情况。最近的一个项目中，我也有类似的东西：允许用户上传库，并测试它的性能（谁使***的算法）。不用说，我们需要CAS巨资在那里。其他的例子或有趣的资源：

So much for a few real-world situations that I encountered myself. A recent project I did had something similar: allow the user to upload a library, and test it for performance ("who makes the best algorithm"). Needless to say, we needed CAS heavily there. Other examples or interesting resources:

• NAR装载机（A $ C $的CProject应用程序）的使用它自己的CAS
• LR计算器（也$ C $的CProject应用程序）的使用CAS
• 的ClickOnce（见下文）使用CAS
• CAS设计模式的：它是普及假设CAS是使用
• 了解CAS ：更大的普及和一些评论暗示的应用
• 在微软 SharePoint使用CAS 的一路，似乎（对不起，我不是一个SP专科）

• NAR Loader (a codeproject application) uses it's own CAS
• LR Evaluator (also codeproject app) uses CAS
• ClickOnce (see below) uses CAS
• CAS Design Patterns: it's popularity "assumes" CAS is being used
• Understanding CAS: even greater popularity and some comments imply applications
• Microsoft SharePoint uses CAS all the way, it seems (sorry, I'm not an SP specialist)

有关，你只是完全控制自己的任何情况下，你建立你自己的应用程序和code（或有它建），并在你的系统的完全控制，我不认为你需要CAS太频繁。它更是你会使用你从较小的可信来源运行$ ​​C $ C（这基本上是一切，不是在你的完全控制）分钟。

For any situation where you are simply in full control yourself, you build your own app and code (or have it built) and are in complete control of your system, I don't think you'll need CAS too often. It's more something you'd use the minute you get to run code from lesser trusted sources (which is basically everything that's not in your full control).

默认CAS设置限制code运行从网络共享或其他非本地源的能力。这是有道理的，但严格的限制使其难以对分布式应用程序的中间存储库。 .NET 2.0引入的ClickOnce，这是要（这里 讨论），提高了安全性。

Default CAS settings limit the capabilities of code run from a network share or other non-local sources. This makes sense but the stringent restrictions make it hard to have a central repository for distributed application. .NET 2.0 introduced ClickOnce, which was supposed to elevate the security (discussion here).

的ClickOnce本身使用CAS ，以prevent安装程序无法调用到系统功能。因此，我认为这是可以说的依赖于CAS***众所周知的应用程序的。

ClickOnce itself uses CAS, to prevent the installer from calling into system functions. As such, I believe it is arguably the best well known application that relies on CAS.

点是：您需要了解CAS才能够创造的东西，可以直接从共享运行，或者你忽略这一切，并使用的ClickOnce

Point being: you need to understand CAS to be able to create something that can run directly from a share, or you ignore it all and use ClickOnce.

在2005年，微软召见了调查以找出为什么CAS是如此不得人心，希望能改进它，使之更好地适用。不幸的是，我无法找到实际的调查结果来看，其他然后这个帖子有些细节为什么CAS被充分利用。

In 2005, Microsoft summoned a survey to find out why CAS was so unpopular, hoping to improve it to make it better applicable. Unfortunately, I couldn't find the actual survey results, other then this post somewhat detailing why CAS is underused.

该职位，但不点一个有趣的利基：CAS适用于另外一个世界：在Unix / Linux操作系统。他们不把它称为CAS，而不是它的 BitFrost 。是如何形成的一个实际的应用：在人人电脑项目，这依赖于BitFrost作为替代传统的Unix安全模型。

That post, however, does point at an intriguing niche: CAS applied to another world: Unix / Linux. They don't call it CAS, instead it's BitFrost. How's that for a real-world application: the "One Laptop Per Child" project, which relies on BitFrost as a replacement for the traditional Unix security model.

更新：在调查部分在CAS中的Unix / Linux作为BitFrost和部分
更新：补充CAS VS的ClickOnce部分
更新：添加使用CAS的资源列表的

Update: section on CAS in Unix/Linux as BitFrost and section on survey.
Update: added CAS vs ClickOnce section
Update: added list of resources using CAS (and apologies for all these updates in a row!)