Installing and running applications can be a scary thing in today's world of connected computers and the Internet. How can users trust that an application will only do what it is supposed to do? Cautious users understand they need to be careful about what software they allow onto their system. Paranoid users will re-evaluate whether they really need that software in the first place, many choosing to abstain upon reconsideration. Developers are concerned because users may be unlikely to even give an application a try due to these factors.
To help protect computer systems from malicious code or code from unknown origins, and to help prevent trusted code from intentionally or accidentally compromising security, the .NET FRAMEWORK (available from MICROSOFT CORP., Redmond, Wash.) provides a security mechanism called code access security (CAS). Code access security allows code to be run in a “secure sandbox” and for users to trust the code to varying degrees in accordance with “security zones” (e.g., MyComputer, Intranet, or Internet, etc.) depending on where the code originates and on other aspects of the code's identity. Code access security also enforces the varying levels of trust on code such that an application from the Internet could never reformat the hard drive, etc.
During the software development process, development tools and code run on the local machine with little or no security restrictions. This creates the problem of errors that are often encountered when the code is run on an end user's machine under the restricted permissions in the secure sandbox. In particular, there is a lack of development tools for setting up a secure sandbox within with an application can be run that also includes a suite of development and debugging tools. This makes it hard for developer's to determine why their code fails when running in the secure sandbox under CAS.
Thus, there is a need for a system of for debugging applications as they execute in a secure sandbox. There is also a need for debugging tools that can simulate various levels of security restrictions placed on the secure sandbox. The present invention provides such a solution to these and other needs in the art.