Decides what permissions to grant to code. This method performs the basic security decision of what permissions to grant to code based on evidence about it and what it requests. This method invokes the security policy engine providing it with evidence and code request permission sets, resulting in a grant set determined by security policy consisting of a granted permission set return value and a denied permission set as an output parameter. The effective granted permissions are those permissions in the granted set but not in the denied set.
[Visual Basic] Public Shared Function ResolvePolicy( _ ByVal evidence As Evidence, _ ByVal reqdPset As PermissionSet, _ ByVal optPset As PermissionSet, _ ByVal denyPset As PermissionSet, _ ByRef denied As PermissionSet _ ) As PermissionSet [C#] public static PermissionSet ResolvePolicy( Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, ref PermissionSet denied ); [C++] public: static PermissionSet* ResolvePolicy( Evidence* evidence, PermissionSet* reqdPset, PermissionSet* optPset, PermissionSet* denyPset, PermissionSet** denied ); [JScript] public static function ResolvePolicy( evidence : Evidence, reqdPset : PermissionSet, optPset : PermissionSet, denyPset : PermissionSet, denied : PermissionSet ) : PermissionSet;
Granted permission set.
Exception Type | Condition |
---|---|
PolicyException | raised if policy fails to grant the minimum required permissions specified by reqdPset parameter. |
To grant permissions to an assembly the security system collects evidence from the assembly and its host, and also the code request as the three Pset arguments and passes them to ResolvePolicy. The result is returned as the granted permission set and a denied permission set as out parameter.
SecurityManager Class | SecurityManager Members | System.Security Namespace