Security Permission

Adds a SecurityPermission to the project. Describes a set of security permissions applied to code.

Recipe Description

The recipe adds a line for the permission to the Package.Template.xml (for VS 2010 projects) or to the file CASPolicy.txt (for HIVE projects). Warning: Existing permissions with the same name are replaced completely.

Arguments

Name Description
Typical Permissions
Assertion Optional Boolean. Ability to assert that all this code's callers have the requisite permission for the operation.
BindingRedirects Optional Boolean. Permission to perform explicit binding redirection in the application configuration file. This includes redirection of .NET Framework assemblies that have been unified as well as other assemblies found outside the .NET Framework.
Execution Optional Boolean. Permission for the code to run. Without this permission, managed code will not be executed. This flag has no effect when used dynamically with stack modifiers such as Deny, Assert, and PermitOnly.
Infrastructure Optional Boolean. Permission to plug code into the common language runtime infrastructure, such as adding Remoting Context Sinks, Envoy Sinks and Dynamic Sinks.
NoFlags Optional Boolean. No security access.
RemotingConfiguration Optional Boolean. Permission to configure Remoting types and channels.
SerializationFormatter Optional Boolean. Ability to provide serialization services. Used by serialization formatters.
Advanced Permissions
AllFlags Optional Boolean. The unrestricted state of the permission.
ControlPolicy Optional Boolean. Ability to view and modify policy. This is a powerful permission that should only be granted to highly trusted code.
ControlThread Optional Boolean. Ability to use certain advanced operations on threads.
ControlEvidence Optional Boolean. Ability to provide evidence, including the ability to alter the evidence provided by the common language runtime. This is a powerful permission that should only be granted to highly trusted code.
ControlAppDomain Optional Boolean. Ability to create and manipulate an AppDomain.
ControlDomainPolicy Optional Boolean. Ability to specify domain policy.
ControlPrincipal Optional Boolean. Ability to manipulate the principal object.
SkipVerification Optional Boolean. Ability to skip verification of code in this assembly. Code that is unverifiable can be run if this permission is granted. This is a powerful permission that should be granted only to highly trusted code. This flag has no effect when used dynamically with stack modifiers such as Deny, Assert, and PermitOnly.
UnmanagedCode Optional Boolean. Ability to call unmanaged code. Since unmanaged code potentially allows other permissions to be bypassed, this is a dangerous permission that should only be granted to highly trusted code. It is used for such applications as calling native code using PInvoke or using COM interop.
No Permissions
Unrestricted Required Boolean. If Unrestricted is true, all other permission will be ignored.

Authors

  • Torsten Mandelkow

Version history

  • 1.0 Initial Recipe