And on top of that, are there cases where one has to use the global assembly cache or where one cannot use it?
The GAC can also be used by assemblies that require elevated permissions to perform privileged operations on behalf of less trusted code (e.g. a partial trust ASP.NET application).
For example, say you have a partial trust ASP.NET application which needs to perform a task that would require elevated privileges, i.e. Full Trust. The solution is to put the code that requires elevated privileges into a separate assembly. The assembly is marked with the AllowPartiallyTrustedCallers
attribute and the class that contains the privileged logic is marked with the PermissionSet attribute, something like this:
[PermissionSet(SecurityAction.Assert, Unrestricted=true)]
Our assembly would be given a strong name (signed) and then deployed into the GAC.
Now our partially trusted app(s) can utilise the trusted assembly in the GAC to carry out a specific and narrow set of privileged operations without losing the benefits of partial trust.