How to: Add an Assembly to the Policy Assemblies List

For the security system to successfully evaluate policy at a level that has security objects that are not shipped with the Windows Software Development Kit (SDK), the assembly must have full trust at that policy level.

When you receive an assembly that contains a new security component, use the .NET Framework Configuration tool (Mscorcfg.msc) to add the assembly to the fully trusted assembly list.


Putting an assembly into the fully trusted assembly list gives full trust to the assembly only at that level. If the assembly is not in the full trust list at all other levels, the assembly will not get full trust but rather the intersection of what is granted by those other levels.

To add an assembly to the fully trusted assembly list

  1. In the .NET Framework 1.0 and 1.1, at the command line, type %Systemroot%\Microsoft.NET\Framework\versionNumber\Mscorcfg.msc. In the .NET Framework 2.0, start the SDK Command Prompt and type mscorcfg.msc.

    The user interface for the tool is displayed.

  2. Expand the Runtime Security Policy node.

  3. Expand the node for the policy level you want to add the new assembly to.

  4. Right-click Policy Assemblies and choose Add.

  5. Select the assembly name from the list that appears. These are the assemblies that are in the global assembly cache.

  6. Click Select.

See Also


.NET Framework Configuration Tool (Mscorcfg.msc)

Other Resources

Security Policy Management

Importing Security Components Using XML Files