NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

IUnrestrictedPermission Interface

An interface that represents the unrestricted state of a permission. All code access permission objects should implement IUnrestricted.

IUnrestrictedPermission

[Visual Basic]
Public Interface IUnrestrictedPermission
[C#]
public interface IUnrestrictedPermission
[C++]
public __gc __interface IUnrestrictedPermission

[JScript] In JScript, you can use the interfaces in the NGWS frameworks, but you cannot define your own.

Classes that Implement IUnrestrictedPermission

Class Description
EnvironmentPermission Controls the ability to query and modify system and user environment variables. Variable names are designated by one or more case-insensitive name lists separated by semicolons, with separate lists for read and write access to the named variables. Write access includes the ability to create and delete environment variables as well as write existing values.
FileDialogPermission Permission to open files by means of a file dialog, where the user explicitly selects file(s) that the application may use. Files may only be opened for read-only access by means of this permission.
FileIOPermission This permission controls the ability to access files and folders.
IsolatedStoragePermission An abstract base class representing access to generic isolated storage capabilities.
PrincipalPermission Allows checks against the Active principal (see IPrincipal object) using the language constructs defined for both declarative and imperative security actions. By passing identity information (user name and role) to the constructor, the PrincipalPermission object can be used to demand that the identity of the active principal matches this information.

To match the active Principal object, and associated Identity object, both the specified identity and role must match. A NULL identity string is interpreted as a request to match any identity. A NULL role string will match any role. By implication, PrincipalPermission(NULL, NULL) will match the identity and roles in any Principal object. It is also possible to construct a PrincipalPermission that only checks for whether the Identity represents and authenticated or unauthenticated entity. In this case, the name and roles are ignored.

ReflectionPermission Controls access to metadata through the reflection APIs. With ReflectionPermission, code may access all the types in its AppDomain, Assembly, and Module. It can find out all kinds of information about the public, family and even private members of any Type it can get to. At best this access reveals implementation details, at worst it exposes intellectual property. Even though private members of a class maybe exposed, they cannot be executed from semi-trusted code-- even if that code has ReflectionPermission. In order to call a private member, code must have full trust. We suggest ReflectionPermission not be granted to Internet code.
RegistryPermission This permission controls the ability to access registry keys and values. The permission distinguishes between the following three different types of registry access.

READ: Read-only access to the contents of the key or value.

WRITE: Write access to the contents of the key or value. Also allows for deletion and overwriting.

CREATE: Ability to create new keys or values.

All of these permissions are independent, meaning that rights to one don't imply rights to another. If more than one permission is desired, they can be OR'd together as shown in the code sample below. For instance, write permission does not imply read and create. Registry permission is defined in terms of canonical absolute paths; checks should always be made with canonical path names.

SecurityPermission This permission defines a collection of security permission flags used by the security system.

Assertion: Ability to assert any permission that has been granted.

UnmanagedCode: Ability to call unmanaged code, such as calling native code via System.Runtime.InteropServices.PInvoke or via COM interop.

SkipVerification: Allows code to run without doing verification on it.

Execution: Code must have this permission in order to be run.

ThreadControl: Ability to perform advanced operations with threads.

SocketPermission Controls rights to make or accept connections on a transport address.
UIPermission Controls the ability to use user interface (drawing and user input events in windows), and the ability to use the clipboard.
WebPermission Controls rights to make or accept connections on a Web address.

Remarks

[To be supplied.]

Requirements

Namespace: System.Security.Permissions

Assembly: mscorlib.dll

See Also

IUnrestrictedPermission Members | System.Security.Permissions Namespace