In what scenarios exactly will a SecurityException be thrown in .NET?

The short answer has been given already. I'm looking for the long answer. Subquestions:

• Will a full trust application ever throw a SecurityException? If yes, in what circumstances?
• What are "CRL security settings", where are they, and how much do I have to worry about them?
• It's pointless to catch an ArgumentExcept开发者_运维技巧ion in e.g. int.Parse("25"). When can I be sure that a SecurityException will never be thrown?

For the fullest answer, I recommend downloading the shared-source Rotor and searching for places where a SecurityException is thrown.

Here's a download site: http://www.microsoft.com/downloads/en/details.aspx?FamilyId=8C09FD61-3F26-4555-AE17-3121B4F51D4D&displaylang=en

And some sample findings:

• HttpWebRequest.CheckResubmit, if Demand() on WebPermission fails
• BaseConfigurationRecord.CheckPermissionAllowed, if Demand() for a ConfigurationPermission(PermissionState.Unrestrictred) fails in certain circumstances

(there are many more)

...

It is not a comprehensive answer but a full trust ASP.net application will throw a SecurityException if the NTFS permissions on the files that make up the web app do not allow access to the identity set against the app pool the web app is running under. You get a very confusing exception that looks like the app does not have full trust even when it does. You simply cannot guarantee a security exception will never be throw because it is dependent on the environment not any code you may write. e.g. the exact same code on 2 different servers, one may throw a SecurityException the other may not.