Windows SharePoint Services can use any of the following three options from ASP.NET and the CLR to provide assemblies installed in the BIN directory with sufficient permissions. The following table outlines the implications and requirements for each
1.Option Pros Cons Increase the trust level for the entire virtual server.In a development environment,increasing the trust level allows you to test an assembly with increased permissions while allowing you to recompile assemblies directly into the BIN directory without resetting IIS. This option is least secure. This option affects all assemblies used by the virtual server.There is no guarantee the destination server has the required trust level. Therefore, Web Parts may not work once installed on the destination
2.Create a custom policy file for your assemblies. For more information, see "How do I create acustom policy file?" Recommended approach.This option is most secure.An assembly can operate with a unique policy that meets the minimum permission
requirementsfor the assembly.By creating a custom security policy, you can ensure the destination server can run your WebParts.
3.Requires the most configuration of all three options.Install your assemblies in the GACEasy to implement.This grants Full trust to your assembly without affecting the trust level of assemblies installed inthe BIN directory.This option is less secure.Assemblies
installed in the GAC are available to all virtual servers and applications on a serverrunning Windows SharePoint Services. This could represent a potential security risk as itpotentially grants a higher level of permission to your assembly across a larger scope
thannecessaryIn a development environment, you must reset IIS every time you recompile assemblies.Licensing issues may arise due to the global availability of your assembly.