Actually I'm pretty sure so-called NTD is mostly an Internet Explorer feature, mostly disjoint from the runtime itself. It's actually somewhat annoying when you're trying to distribute a .NET executable that cannot be run without full trust. For instance, if you have a Windows system with Internet Explorer and .NET installed at your disposal, try just plain left clicking on the link for mode13.exe in the following directory listing:
It has some relations to IE but it is a feature of .NET Framework. You are right it may be very annoying when you are not able to execute an exe because it requires full trust but in fact it is for you security.:) The infrastructure itself is provided by .NET Framework because you can specify code access security based on the origin of the code as well. Internet Exploer interacts with .NET Framework because it has to tell the runtime the origin of the code. Actually it is executed from the browser cache (Temporary Internet Files) but the runtime knows the actual CodeBase URL of the assembly and it can apply the appropriate security rules according to your configuration files that can be changed if you want to grant full trust to all of the code that you are executing from other machines. And because the runtime knows the CodeBase of the assembly it can download all of it's dependent assemblies as well. So this is a feature of runtime in fact but integrates with Internet Explorer. And there will be no question whether you want to execute the code because it is safe to execute as it has no full trust. I think this is good. Of course this causes exceptions when the code requires full trust. In this case you have the ability to right click the file and save it to your hard drive. Windows XP SP2 the will as you for permission to execute it because it comes from an other computer (you can disable this warning) and will execute it using full trust (if you did not change the default security policy of .NET). But you have to download all of it's dependencies because CodeBase will be your hard drive in this case. Click Once is a feature of .NET Framework 2.0 that is a built-in installer and lets you to download the application to your computer. Now I think you can see that neither of these technologies are depending on CAS but can save you against malicious code by setting CodeBase to an URL on a remote computer. In case of "No Touch" this is applied to the application and in case of "Click Once" this is applied to the installer. Korn�l _______________________________________________ Mono-list maillist - [email protected] http://lists.ximian.com/mailman/listinfo/mono-list
