There are several named permission sets defined by default in the CLR security policy:
These sets are used to create the default policy, however there's nothing stopping any user from modifying them (adding or removing permissions for instance), or creating their own named permission sets. Sometimes its useful to be able to determine what permissions are in each named permission set from code.
At first glance this seems easy ... since the PolicyLevel class exposes a GetNamedPermissionSet method. However, there are several complications along the way. To start with, we'll need to check each policy level, since nothing is stopping someone from defining another set of permissions with the same name on another level.
OK, to solve that problem, we can just loop over each level, and check to see if there's a named permission set on that level. If there is a named set on multiple levels, we'll need to merge them together. I've chosen to intersect them which leads to another interesting problem. Intersecting permission sets can result in a null return if the intersection is an empty set.
With all that in mind, it becomes pretty easy to write this method:
Using this method is equally easy. Calling GetNamedPermissionSet("Internet") will retrieve you the current set of permissions in the Internet permission set on all policy levels.