NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

Standard permissions

The standard permission set supports the resource protection requirements of the class libraries that we ship in the NGWS runtime – the runtime base class libraries and NGWS frameworks classes. The following table summarizes the basic semantics of the standard permissions, followed by brief descriptions of the individual permissions (full details are in separate specs for each permission class):

EnvironmentPermission Read/write access to environment variables
FileDialogPermission Access to files and folders in the filesystem via open/save dialog only, ensuring user must OK the file access request for it to succeed.
FileIOPermission Create/read/write/delete files and folders in the filesystem.
IsolatedStoragePermission Provides storage space safely isolated by software identity and user.
ReflectionPermission Access to names and type information about private class members via reflection
RegistryPermission Create/read/write/delete access to Windows registry keys and values.
SecurityPermission Collection of simple permissions used by the security system
  • Ability to assert any permission that has been granted
  • Ability to P/Invoke to use unmanaged code
  • Ability to do advanced thread operations
  • Ability to execute (without this the code will not be allowed to run)
  • Skip verification (allows code to run without being verified)
  • For a complete list of permissions covered by SecurityPermission, refer to the sub-topic entitled ‘SecurityPermission’.
UIPermission
  • Use of unrestricted, “safe”, or embedded windows. A “safe” window is reliably labeled with title identifying application that is using it.
  • Use of clipboard: unrestricted, limited by web site, or disallowed.

Note: the net classes also define permissions for network access.