NGWS SDK Documentation  

This is preliminary documentation and subject to change.
To comment on this topic, please send us email at ngwssdk@microsoft.com. Thanks!

ReflectionPermission Class

Controls access to metadata through the reflection APIs. With ReflectionPermission, code may access all the types in its AppDomain, Assembly, and Module. It can find out all kinds of information about the public, family and even private members of any Type it can get to. At best this access reveals implementation details, at worst it exposes intellectual property. Even though private members of a class maybe exposed, they cannot be executed from semi-trusted code-- even if that code has ReflectionPermission. In order to call a private member, code must have full trust. We suggest ReflectionPermission not be granted to Internet code.

Object
   CodeAccessPermission
      ReflectionPermission

[Visual Basic]
NotInheritable Public Class ReflectionPermission
   Inherits CodeAccessPermission
   Implements IUnrestrictedPermission
[C#]
public sealed class ReflectionPermission : CodeAccessPermission,
   IUnrestrictedPermission
[C++]
public __gc __sealed class ReflectionPermission : public
   CodeAccessPermission, IUnrestrictedPermission
[JScript]
public class ReflectionPermission extends CodeAccessPermission,
   IUnrestrictedPermission

Remarks

Type is the root of the reflection functionality. We will examine the details of the access ReflectionPermission grants by looking at three views:

1. Ways to Get System.Type instances.

2. From Type outward to other types.

3. From Type inward to members of that type.

Ways to Get System.Type instances:

1. From Object. The GetType() method provided by Object returns a Type object that represents the type of an instance. Access to this Type object is unrestricted.

2. From GetType. The static GetType method provided by Type returns a Type object that represents a type specified by its fully-qualified string name. Without ReflectionPermission, only public exported types from loaded assemblies can be accessed (Not Yet Implemented). With ReflectionPermission, any loaded type can be accessed.

3. From Module and Assembly.GetType() methods. The GetTypes, GetType, and FindTypes methods provided by Module and Assembly return Type objects that represent the types defined in a module or exported from an Assembly. Without ReflectionPermission, no access to this information is available. With ReflectionPermission, any loaded type can be accessed.

4. From GetTypeFromHandle. This method is called by compilers all over the place. It is used to get the Type object based upon the handle. This is always callable, but must be done in a verified sequence of instructions.

5. From GetTypeFromProgID. These methods are provided for interoperability. This method returns a Type object that represents the type specified by a progID. It requires full trust to be used as they provide access to unmanaged code (Not Yet Implemented).

From Type Outward to Other Types:

1. Module- This property returns the module that defines the type. It is not accessible from code without the ReflectionPermission

2. Type.Assembly- This property returns the Assembly that defines the type. It is not accessible from code without the ReflectionPermission.

3. BaseType- This property returns base type of the type. It is not accessible from code without the ReflectionPermission. [Still under debate- not yet implemented]

4. GetInterfaces- This method returns the types of the interfaces this type implements. It is not accessible from code without the ReflectionPermission. [Still under debate- not yet implemented]

From Type Inward to Members of that Type:

1. GetMembers(), (GetMethod(), GetField(), GetEvents(), GetProperties(), GetNestTypes(), etc.). Public members are available without ReflectionPermission. With ReflectionPermission, private, family and protected members can be accessed. Notice that even non-public members of your own class cannot be accessed without ReflectionPermission.

2. Other properties of Type. Access to properties of a Type, such as Name, FullName, and Attributes, is unrestricted.

Requirements

Namespace: System.Security.Permissions

Assembly: mscorlib.dll

Example [C#]

XML Encoding for ReflectionPermission:

[C#]

<Permission>
<Class>
<NameSpace>
System.Security.Permissions </NameSpace>
<Name>
ReflectionPermission </Name>
</Class>
</Permission>

See Also

ReflectionPermission Members | System.Security.Permissions Namespace