The allowed usage specified by the IsolatedStorageFilePermission determines the degree to which code will be allowed to create and use isolated storage. The following table shows how the allowed usage in the permission maps to types of isolation, and it also summarizes the security risks associated with each allowed usage.
Allowed Usage | Isolation Types | Security Impact |
---|---|---|
None | No isolated storage use allowed. | None. |
DomainIsolationByUser | User, domain, and assembly. | Data is contained by domain. Each assembly has a separate substore within the domain.
Potential denial-of-service. |
AssemblyIsolationByUser | User and assembly. | Potential for leaking information between applications. |
UnrestrictedIsolatedStorage | All users, domains, and assemblies. | Potential for total compromise. |
AdministerIsolatedStorageByUser | View or delete a user's files or directories. | The most powerful allowed usage, which brings the greatest security risk. These risks include, but are not limited to, leaking information and data loss. |