This permission controls the ability to access files and folders.
Object
CodeAccessPermission
FileIOPermission
[Visual Basic] NotInheritable Public Class FileIOPermission Inherits CodeAccessPermission Implements IUnrestrictedPermission [C#] public sealed class FileIOPermission : CodeAccessPermission, IUnrestrictedPermission [C++] public __gc __sealed class FileIOPermission : public CodeAccessPermission, IUnrestrictedPermission [JScript] public class FileIOPermission extends CodeAccessPermission, IUnrestrictedPermission
The permission distinguishes between the following three different types of file I/O access.
READ: Read-only access to the contents of the file or access to information about the file, such as its length or last modification time.
WRITE: Write access to the contents of the file or access to change information about the file, such as its name. Also allows for deletion and overwriting.
APPEND: Ability to write to the end of a file only. No ability to read or seek.
All of these permissions are independent, meaning that rights to one don't imply rights to another. If more than one permission is desired, they can be or'd together as shown in the code sample below. For instance, write permission does not imply read and append. File permission is defined in terms of canonical absolute path names; checks should always be made with canonical file path names.
The FileIOPermission describes protected operations on files and folders. A File class is implemented that provides secure access to files and folders. The security access check is done at the time the handle to the file is created. By doing the check at creation time, the cost of the security check is minimized. Opening a file happens once, while reading and writing happen multiple times. Once the file is opened no further checks are done. If the object is passed to an untrusted caller, then it can be misused. File permission access is only checked on the file open. This means for example that file handles should not be stored in global statics where code with less permission might get at them.
The flags specify the actions that can be performed on the file(s) or folder(s): Read, Write, and Append. In addition, the actions can be OR'd together to form more complicated access requests.
Folder access implies access to all files it contains and below it in sub-/subsub-/etc.-folders.
Namespace: System.Security.Permissions
Assembly: mscorlib.dll
Here are samples of what code would look like that used the FileIOPermission object. After these next two lines of code, the object f would represent permissions to read all files on the client computer's local disks.
[C#]
f = new FileIOPermission(); f.AddAllLocalFiles(FileIOPermissionAccess.Read);
After these next two lines of code, the object f would represent permissions to read c:\foo and read and write to c:\bar\bas.txt. The FileIOPermissionAccess.Read and FileIOPermissionAccess.Write are an enumerated type that represent the file/folder permissions as described above.
[C#]
f = new FileIOPermission( FileIOPermissionAccess.Read, "C:\foo"); f.Add( FileIOPermissionAccess.Write | FileIOPermissionAccess.Read, "C:\bar\bas.txt");
FileIOPermission Members | System.Security.Permissions Namespace