PolicyLevel PolicyLevel PolicyLevel PolicyLevel Class

Definition

Represents the security policy levels for the common language runtime. This class cannot be inherited.

public ref class PolicyLevel sealed
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public sealed class PolicyLevel
type PolicyLevel = class
Public NotInheritable Class PolicyLevel
Inheritance
PolicyLevelPolicyLevelPolicyLevelPolicyLevel
Attributes

Remarks

Important

Starting with the .NET Framework 4, the common language runtime (CLR) is moving away from providing security policy for computers. We recommend that you use Windows Software Restriction Policies (SRP) or AppLocker as a replacement for CLR security policy. The information in this topic applies to the .NET Framework version 3.5 and earlier; it does not apply to the .NET Framework 4 and later. For more information about this and other changes, see Security Changes.

The highest level of security policy is enterprise-wide. Successive lower levels of hierarchy represent further policy restrictions, but can never grant more permissions than allowed by higher levels. The following policy levels are implemented:

  1. Enterprise: Security policy for all managed code in an enterprise.

  2. Machine: Security policy for all managed code run on the computer.

  3. User: Security policy for all managed code run by the user.

  4. Application domain: Security policy for all managed code in an application.

A policy level consists of a set of code groups organized into a single rooted tree (see CodeGroup), a set of named permission sets that are referenced by the code groups to specify permissions to be granted to code belonging to the code group, and a list of fully-trusted assemblies.

Use SecurityManager.PolicyHierarchy to enumerate the policy levels.

Properties

FullTrustAssemblies FullTrustAssemblies FullTrustAssemblies FullTrustAssemblies

Gets a list of StrongNameMembershipCondition objects used to determine whether an assembly is a member of the group of assemblies used to evaluate security policy.

Label Label Label Label

Gets a descriptive label for the policy level.

NamedPermissionSets NamedPermissionSets NamedPermissionSets NamedPermissionSets

Gets a list of named permission sets defined for the policy level.

RootCodeGroup RootCodeGroup RootCodeGroup RootCodeGroup

Gets or sets the root code group for the policy level.

StoreLocation StoreLocation StoreLocation StoreLocation

Gets the path where the policy file is stored.

Type Type Type Type

Gets the type of the policy level.

Methods

AddFullTrustAssembly(StrongName) AddFullTrustAssembly(StrongName) AddFullTrustAssembly(StrongName) AddFullTrustAssembly(StrongName)

Adds a StrongNameMembershipCondition corresponding to the specified StrongName to the list of StrongNameMembershipCondition objects used to determine whether an assembly is a member of the group of assemblies that should not be evaluated.

AddFullTrustAssembly(StrongNameMembershipCondition) AddFullTrustAssembly(StrongNameMembershipCondition) AddFullTrustAssembly(StrongNameMembershipCondition) AddFullTrustAssembly(StrongNameMembershipCondition)

Adds the specified StrongNameMembershipCondition to the list of StrongNameMembershipCondition objects used to determine whether an assembly is a member of the group of assemblies that should not be evaluated.

AddNamedPermissionSet(NamedPermissionSet) AddNamedPermissionSet(NamedPermissionSet) AddNamedPermissionSet(NamedPermissionSet) AddNamedPermissionSet(NamedPermissionSet)

Adds a NamedPermissionSet to the current policy level.

ChangeNamedPermissionSet(String, PermissionSet) ChangeNamedPermissionSet(String, PermissionSet) ChangeNamedPermissionSet(String, PermissionSet) ChangeNamedPermissionSet(String, PermissionSet)

Replaces a NamedPermissionSet in the current policy level with the specified PermissionSet.

CreateAppDomainLevel() CreateAppDomainLevel() CreateAppDomainLevel() CreateAppDomainLevel()

Creates a new policy level for use at the application domain policy level.

Equals(Object) Equals(Object) Equals(Object) Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
FromXml(SecurityElement) FromXml(SecurityElement) FromXml(SecurityElement) FromXml(SecurityElement)

Reconstructs a security object with a given state from an XML encoding.

GetHashCode() GetHashCode() GetHashCode() GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetNamedPermissionSet(String) GetNamedPermissionSet(String) GetNamedPermissionSet(String) GetNamedPermissionSet(String)

Returns the NamedPermissionSet in the current policy level with the specified name.

GetType() GetType() GetType() GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone() MemberwiseClone() MemberwiseClone() MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
Recover() Recover() Recover() Recover()

Replaces the configuration file for this PolicyLevel with the last backup (reflecting the state of policy prior to the last time it was saved) and returns it to the state of the last save.

RemoveFullTrustAssembly(StrongName) RemoveFullTrustAssembly(StrongName) RemoveFullTrustAssembly(StrongName) RemoveFullTrustAssembly(StrongName)

Removes an assembly with the specified StrongName from the list of assemblies the policy level uses to evaluate policy.

RemoveFullTrustAssembly(StrongNameMembershipCondition) RemoveFullTrustAssembly(StrongNameMembershipCondition) RemoveFullTrustAssembly(StrongNameMembershipCondition) RemoveFullTrustAssembly(StrongNameMembershipCondition)

Removes an assembly with the specified StrongNameMembershipCondition from the list of assemblies the policy level uses to evaluate policy.

RemoveNamedPermissionSet(NamedPermissionSet) RemoveNamedPermissionSet(NamedPermissionSet) RemoveNamedPermissionSet(NamedPermissionSet) RemoveNamedPermissionSet(NamedPermissionSet)

Removes the specified NamedPermissionSet from the current policy level.

RemoveNamedPermissionSet(String) RemoveNamedPermissionSet(String) RemoveNamedPermissionSet(String) RemoveNamedPermissionSet(String)

Removes the NamedPermissionSet with the specified name from the current policy level.

Reset() Reset() Reset() Reset()

Returns the current policy level to the default state.

Resolve(Evidence) Resolve(Evidence) Resolve(Evidence) Resolve(Evidence)

Resolves policy based on evidence for the policy level, and returns the resulting PolicyStatement.

ResolveMatchingCodeGroups(Evidence) ResolveMatchingCodeGroups(Evidence) ResolveMatchingCodeGroups(Evidence) ResolveMatchingCodeGroups(Evidence)

Resolves policy at the policy level and returns the root of a code group tree that matches the evidence.

ToString() ToString() ToString() ToString()

Returns a string that represents the current object.

(Inherited from Object)
ToXml() ToXml() ToXml() ToXml()

Creates an XML encoding of the security object and its current state.

Applies to