So imagine you have some managed code, and it calls some other managed code, and that lower level code tries to do something that requires a certain level of code access security. Maybe it wants to write to the files system, or open a network connection, for example. You probably know that there is a stack walk to make sure that everyone has the appropriate permissions. But what if that stack includes some native entries? Managed code called native code (maybe with P/Invoke; maybe with IJW-style C++ interop) and then the native code called managed code (probably with COM interop though there is also "reverse P/Invoke" I suppose. What happens then? Shawn Farkas knows. The whole blog is good reading if Code Access Security and the way the runtime actually works are things you should know more about, but haven't investigated. Bite size pieces of intruiging questions, along with definitive answers. Nice.