A runtime execution environment may implement code access security by annotating a delegate to a publisher with a list of potential callers to the publisher. If a permission verification process for at least the listed potential callers results in even one indication of no trust, an exception may be thrown.