How can I use CAS in .NET 4 to lock down my MEF extensions?

Question

I have an application in .NET 4 that uses MEF for extensibility. My main application has three assemblies: Host, Application and Contracts

Answer 1

If your application is running in full trust, then by default your extensions will be running in full trust and be able to do anything they want. It won't matter what the security attributes on them are. To limit what extensions can do, you need to create a sandbox appdomain. You would set your Host and Application as fully trusted in that AppDomain and all other code would only have the permissions you grant it.

Here's an MSDN article on this topic: How to: Run Partially Trusted Code in a Sandbox