Tip #45 explained the basic concepts about declarative and imperative security, when to use and some examples of security permission classes.
You may have realized that when applying declarative security, the first expected parameter is a SecurityAction enumerator item. The security action property guides the CLR about how to perform the security checks.
Let’s take a look today the security action types provided by the .NET framework and that are available for declarative security at the assembly level:
The RequestMinimum action defines that the assembly requires at least the permission defined by the permission attribute. If the assembly does not have the permission rights, a PolicyException will be thrown.
In practice the RequestOptional action will refuse all permissions other than the declared ones. When you start coding, add a RequestOptional permission is a good practice so you will be obligated to define permissions for only the specific resources your application needs. Based on the fact that this action refuses all other permissions, if you are coding and want to debug an application, the UIPermisssion is required.
The RequestRefuse action will remove permissions for your assembly. You must use to restrict access to unneeded resources.