Turning Off Code Access Security in .NET 2.0
One of the worst security features in .NET 1.0 and 1.1--although thankfully a rather obscure one--was the -s switch on caspol that let you turn off CAS on that machine. What a horrible setting to make available.
I had heard that 2.0 was going to remove the switch, I was quite happy. Alas, it was not to be: Shawn says that it's still there. But the news is not all bad...you can switch it off but only as long as the command prompt is open where you turned it off. And it sounds like it's a good decent implementation.
The argument Shawn puts forward is that it is a useful debugging feature. Fair enough. But I shudder to think what happens when a mere user discovers the switch. Of course, if s/he isn't running as a member of the Administrators group, it's a moot problem. Hmm, and I guess caspol is part of the Framework SDK.
Okay, I feel better.
But please! Practice safe computing and never use -s!!!