spouliot at videotron.ca
Wed Jun 8 08:31:21 EDT 2005
> I think Click Once is a set of runtime features that can be made
> safer with
> CAS but it can be implemented on a runtime that has no CAS (supports the
> methods but does nothig)
Well that's really not saying much. Anything will be "safer with CAS" but
will work if the CAS methods are stubbed (including applets hosted in a web
browser). The real question is: does it make sense without it ?
> but that implementation will run in full trust
> allways. Click Once has the ability to request full trust so it is not a
> feature inside CAS it is a deployment infrastructure.
You answered this yourself but with the wrong answer.
Phrase: "Click Once has the ability to request full trust..."
Who's gonna honor that request ?
the security manager
and based on what ?
the application manifest, evidences and other policies
If/when we plan to support ClickOnce in Mono it must be because the
end-result will be useful to most users and meet their "normal" expectations
(the keyword is _support_ here) and won't be limited to a stubbing job ;-).
home: spouliot at videotron.ca
More information about the Mono-list