Longhorn SDK - System.Security namespace
Note: This documentation is preliminary and is subject to change.
The following tables list the members exposed by the System.Security namespace.
Classes
AllowPartiallyTrustedCallersAttribute Allows strong-named assemblies to be
called by partially trusted code. Without this declaration, only fully trusted
callers are able to use such assemblies. This class cannot be inherited.
CodeAccessPermission Defines the underlying structure of all code access
permissions.
AspNetHostingPermission
AutomationPermission
AVTempUIPermission
DataProtectionPermission
DBDataPermission
DnsPermission
EnvironmentPermission
FileDialogPermission
FileIOPermission
GacIdentityPermission
IsolatedStoragePermission
KeyContainerPermission
MessageQueuePermission
NetworkInformationPermission
PrintingPermission
PrintSystemPermission
PublisherIdentityPermission
ReflectionPermission
RegistryPermission
RequestCachePermission
ResourcePermissionBase
SecurityPermission
SiteIdentityPermission
SocketPermission
SqlNotificationPermission
StorePermission
StrongNameIdentityPermission
SystemTransactionsProviderPermission
TransactionPermission
UIPermission
UrlIdentityPermission
WebBrowserPermission
WebPermission
ZoneIdentityPermission
HostProtectionException (more detail below)
Methods
Equals Determines whether the specified Object is equal to the current
Object. Inherited from Object.
Finalize Allows an Object to attempt to free resources and perform other
cleanup operations before the Object is reclaimed by garbage collection.
Inherited from Object.
GetBaseException When overridden in a derived class, returns the
Exception that is the root cause of one or more subsequent exceptions.
Inherited from Exception.
GetHashCode Serves as a hash function for a particular type. GetHashCode
is suitable for use in hashing algorithms and data structures like a hash
table. Inherited from Object.
GetObjectData Sets the SerializationInfo object with information about
the HostProtectionException.
GetType [To be supplied.] Inherited from Exception.
HostProtectionException Creates and initializes a new instance of the
HostProtectionException class using the provided serialization
information and streaming context.
MemberwiseClone Creates a shallow copy of the current Object. Inherited
from Object.
ReferenceEquals Determines whether the specified Object instances are
the same instance. Inherited from Object.
ToString Returns a string representation of the current
HostProtectionException.
Properties
Data Gets a collection of key/value pairs that provide additional, user-
defined information about the exception. Inherited from Exception.
DemandedResource Gets or sets the demanded host protection resources
that caused the exception to be thrown.
HelpLink Gets or sets a link to the help file associated with this
exception. Inherited from Exception.
HResult Gets or sets HRESULT, a coded numerical value that is assigned
to a specific exception. Inherited from Exception.
InaccessibleResources Gets or sets the host protection resources that
are inaccessible to all managed code.
InnerException Gets the Exception instance that caused the current
exception. Inherited from Exception.
Message Gets a message that describes the current exception. Inherited
from Exception.
ProtectedResources Gets or sets the host protection resources that are
inaccessible to partially trusted code.
None Exposes no host resources.
Synchronization Exposes synchronization.
SharedState Exposes state which might be shared between
threads.
ExternalProcessMgmt Might create or destroy other
processes.
SelfAffectingProcessMgmt Might exit the current
process, terminating the server.
ExternalThreading Creates or manipulates threads other
than its own, which might be harmful to the host.
SelfAffectingThreading Manipulates threads in a way
that only affects user code.
SecurityInfrastructure Exposes the security
infrastructure.
UI Exposes the user interface.
MayLeakOnAbort Might cause a resource leak on an abort,
if not protected by a safe handle or some other means
of assuring the release of resources.
All Exposes all host resources.
Source Gets or sets the name of the application or the object that
causes the error. Inherited from Exception.
StackTrace Gets a string representation of the frames on the call stack
at the time the current exception was thrown. Inherited from Exception.
TargetSite Gets the method that throws the current exception. Inherited
from Exception.
HostSecurityManager Provides host security management functionality for
application domains.
NamedPermissionSet Defines a permission set that has a name and description
associated with it. This class cannot be inherited.
PermissionSet Represents a collection that can contain many different types
of permissions.
PermissionSetCollection Provides a collection of permission sets. This class
cannot be inherited.
SecurityContext Encapsulates and propagates all security related data for
execution contexts transferred across threads. This class cannot be inherited.
SecurityElement Represents the XML object model for encoding security
objects. This class cannot be inherited.
SecurityException The exception that is thrown when a security error is
detected.
SecurityManager Provides the main access point for classes interacting with
the security system. This class cannot be inherited.
SuppressUnmanagedCodeSecurityAttribute Allows managed code to call into
unmanaged code without a stack walk. This class cannot be inherited.
UnverifiableCodeAttribute Marks modules containing unverifiable code. This
class cannot be inherited.
VerificationException The exception that is thrown when the security policy
requires code to be type safe and the verification process is unable to verify
that the code is type safe.
XmlSyntaxException The exception that is thrown when there is a syntax error
in XML parsing. This class cannot be inherited.
Interfaces
IEvidenceFactory Gets an object's Evidence.
IPermission Defines methods implemented by permission types.
ISecurityEncodable Defines the methods that convert permission object state
to and from XML element representation.
ISecurityPolicyEncodable Supports the methods that convert permission object
state to and from an XML element representation.
IStackWalk Manages the stack walk that determines whether all callers in the
call stack have the required permissions to access a protected resource.
Enumerations
HostSecurityManagerFlags Specifies the security policy components to be used
by the host security manager.
PolicyLevelType Specifies the type of a managed code policy level.
SecurityZone Defines the integer values corresponding to security zones used
by security policy.
Structures
SecurityContextSwitcher Provides the functionality to restore the previous
SecurityContext values, which were changed by a SetSecurityContext method
call.
Sample SecurityManager code:
Provides the main access point for classes interacting with the security
system. This class cannot be inherited.
Definition
Visual Basic .NET NotInheritable Public Class SecurityManager
Inherits Object
Methods
Method Description
Equals Determines whether the specified Object is equal to the current
Object. Inherited from Object.
Finalize Allows an Object to attempt to free resources and perform other
cleanup operations before the Object is reclaimed by garbage collection.
Inherited from Object.
GetHashCode Serves as a hash function for a particular type. GetHashCode is
suitable for use in hashing algorithms and data structures like a hash table.
Inherited from Object.
GetType Gets the Type of the current instance. Inherited from Object.
GetZoneAndOrigin Gets the granted zone identity and URL identity permission
sets for the current assembly.
IsGranted Determines whether a permission is granted to the caller.
LoadPolicyLevelFromFile Loads a PolicyLevel from the specified file.
LoadPolicyLevelFromString Loads a PolicyLevel from the specified string.
MemberwiseClone Creates a shallow copy of the current Object. Inherited from
Object.
PolicyHierarchy Provides an enumerator to access the security policy
hierarchy by levels, such as computer policy and user policy.
ReferenceEquals Determines whether the specified Object instances are the
same instance. Inherited from Object.
ResolvePolicy Determines what permissions to grant to code based on the
specified evidence and requests.
ResolvePolicyGroups Gets a collection of code groups matching the specified
evidence.
SavePolicy Saves the modified security policy state.
SavePolicyLevel Saves a modified security policy level loaded with
LoadPolicyLevelFromFile.
ToString Returns a String that represents the current Object. Inherited from
Object.
Properties
CheckExecutionRights Gets or sets a value indicating whether code must have
execution rights in order to execute.
SecurityEnabled Gets or sets a value indicating whether security is enabled.
[Visual Basic .NET]
' This sample demonstrates how to set code access permissions programmatically. It creates a
' new parent and child code group pair, and allows the user to optionally delete the child group
' and/or the parent code group. It also shows the result of a ResolvePolicy call, and displays
' the permissions for the three security levels: Enterprise, Machine, and User.
Imports System
Imports System.Collections
Imports System.Security
Imports System.Security.Policy
Imports System.Security.Permissions
Imports System.Reflection
Imports System.Globalization

' using CRCLib;
Class SecurityManagerSample

    Shared Sub Main()
        ' SecurityManager.CheckExecutionRights
        ' Gets a value indicating whether code must have execution rights in order to execute.
        If Not SecurityManager.CheckExecutionRights Then
            Console.WriteLine("Execution rights are not required to run the assemblies.")
        End If
        ' SecurityManager.SecurityEnabled
        ' Gets a value indicating whether code access security is enabled.
        If Not SecurityManager.SecurityEnabled Then
            Console.WriteLine("Security is not enabled.")
        End If
        ' SecurityManager.IsGranted
        ' Determines whether the right to control policy has been granted to the caller.
        If SecurityManager.IsGranted(New SecurityPermission(SecurityPermissionFlag.ControlPolicy)) Then
            ' Define custom named permission sets for Company and Department.
            ' These will be used for the new code groups.
            CreateCompanyPermission()
            CreateDepartmentPermission()
            ' Create a parent and child code group at the Machine policy level using the
            ' permission sets we created.
            CreateCodeGroups()
            ' Demonstrate the result of a call to ResolvePolicy().
            ' This is not required for the main thrust of this sample, custom named permissions
            ' and code groups, but allows demonstration of the ResolvePolicy method.
            Console.WriteLine("Current Security Policy:")
            Console.WriteLine("------------------------")
            DisplaySecurityPolicy()
            Console.WriteLine("Resolve Policy demonstration.")
            ' Get the evidence for the Local Intranet zone.
            Dim intranetZoneEvidence As New Evidence(New Object() {New Zone(SecurityZone.Intranet)}, Nothing)
            Console.WriteLine("Show the result of ResolvePolicy for LocalIntranet zone evidence.")
            CheckEvidence(intranetZoneEvidence)
            ' Optionally remove the policy elements that were created.
            Console.WriteLine("Would you like to remove the Department code group?")
            Console.WriteLine("Please type 'yes' to delete the Department group, else press the Enter key.")
            Dim answer As String = Console.ReadLine()
            If answer = "yes" Then
                DeleteCustomChildCodeGroup("MyDepartment")
                SecurityManager.SavePolicy()
            End If
            Console.WriteLine("Would you like to remove all new code groups and permission sets?")
            Console.WriteLine("Please type yes to delete all new groups, else press the Enter key.")
            answer = Console.ReadLine()
            If answer = "yes" Then
                DeleteCustomCodeGroups()
                DeleteCustomPermissions()
                SecurityManager.SavePolicy()
            End If
        Else
            Console.Out.WriteLine("ControlPolicy permission is denied.")
        End If
        Return
    End Sub 'Main

    Private Shared Sub DisplaySecurityPolicy()
        Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()
        While policyEnumerator.MoveNext()
            Dim currentLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)
            ' Display the policy at the current level.
            Console.WriteLine("Policy Level {0}:", currentLevel.Label)
            ' To display the policy detail, uncomment the following line:
            'Console.WriteLine(currentLevel.ToXml().ToString())
            Dim namedPermissions As IList = currentLevel.NamedPermissionSets
            Dim namedPermission As IEnumerator = namedPermissions.GetEnumerator()
            While namedPermission.MoveNext()
                Console.WriteLine((ControlChars.Tab + CType(namedPermission.Current, NamedPermissionSet).Name))
            End While
        End While
    End Sub 'DisplaySecurityPolicy

    ' CodeGroup.RemoveChild;SecurityManager.PolicyHierarchy
    Private Shared Sub DeleteCustomCodeGroups()
        ' Delete the custom code groups that were created.
        Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()
        While policyEnumerator.MoveNext()
            Dim machineLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)
            Dim childCodeGroups As IList = machineLevel.RootCodeGroup.Children
            Dim childGroups As IEnumerator = childCodeGroups.GetEnumerator()
            While childGroups.MoveNext()
                Dim thisCodeGroup As CodeGroup = CType(childGroups.Current, CodeGroup)
                If thisCodeGroup.Name = "MyCompanyCodeGroup" Then
                    machineLevel.RootCodeGroup.RemoveChild(thisCodeGroup)
                End If
            End While
        End While
    End Sub 'DeleteCustomCodeGroups

    Private Shared Sub DeleteCustomChildCodeGroup(ByVal codeGroupName As String)
        ' Delete the custom child group.
        ' Delete the child group by creating a copy of the parent code group, deleting its children,
        ' then adding the copy of the parent code group back to the root code group.
        Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()
        While policyEnumerator.MoveNext()
            Dim machineLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)
            ' IList returns copies of the code groups, not the code groups themselves,
            ' so operations on the IList objects do not affect the actual code group.
            Dim childCodeGroups As IList = machineLevel.RootCodeGroup.Children
            Dim childGroups As IEnumerator = childCodeGroups.GetEnumerator()
            While childGroups.MoveNext()
                Dim thisCodeGroup As CodeGroup = CType(childGroups.Current, CodeGroup)
                If thisCodeGroup.Name = codeGroupName Then
                    ' Create a new code group from this one, but without its children.
                    ' Delete the original code group and add the new one just created.
                    Dim newCodeGroup As CodeGroup = thisCodeGroup
                    Dim childCodeGroup As IList = newCodeGroup.Children
                    Dim childGroup As IEnumerator = childCodeGroup.GetEnumerator()
                    While childGroup.MoveNext()
                        ' Remove all the children from the copy.
                        newCodeGroup.RemoveChild(CType(childGroup.Current, CodeGroup))
                    End While
                    ' Should have a copy of the parent code group with children removed.
                    ' Delete the original parent code group and replace with its childless clone.
                    machineLevel.RootCodeGroup.RemoveChild(thisCodeGroup)
                    machineLevel.RootCodeGroup.AddChild(newCodeGroup)
                    SecurityManager.SavePolicy()
                End If
            End While
        End While
    End Sub 'DeleteCustomChildCodeGroup