<trustInfo> Element (ClickOnce Application)

Describes the minimum security permissions required for the application to run on the client computer.

<trustInfo> 
   <security> 
      <applicationRequestMinimum> 
         <PermissionSet 
            ID 
            Unrestricted> 
            <IPermission 
               class 
               version 
               Unrestricted 
            /> 
         </PermissionSet> 
         <defaultAssemblyRequest 
            permissionSetReference 
         /> 
         <assemblyRequest 
            name 
            permissionSetReference 
         /> 
      </applicationRequestMinimum> 
      <requestedPrivileges> 
         <requestedExecutionLevel 
            level 
            uiAccess 
         /> 
      </requestedPrivileges> 
   </security> 
</trustInfo>

Elements and Attributes

The trustInfo element is required and is in the asm.v2 namespace. It has no attributes and contains the following elements.

security

Required. This element is a child of the trustInfo element. It contains the applicationRequestMinimum element and has no attributes.

applicationRequestMinimum

Required. This element is a child of the security element and contains the PermissionSet, assemblyRequest, and defaultAssemblyRequestelements. This element has no attributes.

PermissionSet

Required. This element is a child of the applicationRequestMinimum element and contains the IPermission element. This element has the following attributes.

Attribute

Description

ID

Required. Identifies the permission set. This attribute can be any value. The ID is referenced in the defaultAssemblyRequest and assemblyRequest attributes.

version

Required. Identifies the version of the permission. Normally this value is 1.

IPermission

Optional. This element is a child of the PermissionSet element. The IPermission element fully identifies a permission class in the .NET Framework. The IPermission element has the following attributes, but can have additional attributes that correspond to properties on the permission class. To find out the syntax for a specific permission, see the examples listed in the Security.config file.

Attribute

Description

class

Required. Identifies the permission class by strong name. For example, the following code identifies the FileDialogPermission type.

System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

version

Required. Identifies the version of the permission. Usually this value is 1.

Unrestricted

Required. Identifies whether the application needs an unrestricted grant of this permission. If true, the permission grant is unconditional. If false, or if this attribute is undefined, it is restricted according to the permission-specific attributes defined on the IPermission tag. Take the following permissions:

<IPermission
  class="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
  version="1" 
  Read="USERNAME" />
<IPermission
  class="System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
  version="1" 
  Unrestricted="true" />

In this example, the declaration for EnvironmentPermission restricts the application to reading only the environment variable USERNAME, whereas the declaration for FileDialogPermission gives the application unrestricted use of all FileDialog classes.

defaultAssemblyRequest   

Optional. Identifies the set of permissions granted to all assemblies. This element is a child of the applicationRequestMinimum element and has the following attributes.

Attribute

Description

permissionSetReference

Required. Identifies the ID of the permission set that is the default permission. The permission set is declared in the PermissionSet element.

assemblyRequest   

Optional. Identifies permissions for a specific assembly. This element is a child of the applicationRequestMinimum element and has the following attributes.

Attribute

Description

Name

Required. Identifies the assembly name.

permissionSetReference

Required. Identifies the ID of the permission set that this assembly requires. The permission set is declared in the PermissionSet element.

requestedPrivileges

Optional. This element is a child of the security element and contains the requestedExecutionLevel element. This element has no attributes.

requestedExecutionLevel

Optional. Identifies the security level at which the application requests to be executed. This element has no children and has the following attributes.

Attribute

Description

Level

Required. Indicates the security level the application is requesting. Possible values are:

asInvoker, requesting no additional permissions. This level requires no additional trust prompts.

highestAvailable, requesting the highest permissions available to the parent process.

requireAdministrator, requesting full administrator permissions.

ClickOnce applications will only install with a value of asInvoker. Installing with any other value will fail.

uiAccess

Optional. Indicates whether the application requires access to protected user interface elements. Values are either true or false, and the default is false. Only signed applications should have a value of true.

Remarks

If a ClickOnce application asks for more permissions than the client computer will grant by default, the common language runtime's Trust Manager will ask the user if she wants to grant the application this elevated level of trust. If she says no, the application will not run; otherwise, it will run with the requested permissions.

All permissions requested using defaultAssemblyRequest and assemblyRequest will be granted without user prompting if the deployment manifest has a valid Trust License.

For more information about Permission Elevation, see Securing ClickOnce Applications. For more information about policy deployment, see Trusted Application Deployment Overview.

Examples

The following three code examples illustrate trustInfo elements for the default named security zones—Internet, LocalIntranet, and FullTrust—for use in a ClickOnce deployment's application manifest.

The first example illustrates the trustInfo element for the default permissions available in the Internet security zone.

<trustInfo>
    <security>
      <applicationRequestMinimum>
        <PermissionSet ID="Internet">
          <IPermission
            class="System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            version="1" 
            Access="Open" />
          <IPermission
           class="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1"
            Allowed="DomainIsolationByUser"
            UserQuota="10240" />
          <IPermission
            class="System.Security.Permissions.SecurityPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            version="1" 
            Flags="Execution" />
          <IPermission 
            class="System.Security.Permissions.UIPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Window="SafeTopLevelWindows"
            Clipboard="OwnClipboard" />
          <IPermission
            class="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
            version="1" 
            Level="SafePrinting" />
        </PermissionSet>
        <defaultAssemblyRequest permissionSetReference="Internet" />
      </applicationRequestMinimum>
    </security>
  </trustInfo>

The second example illustrates the trustInfo element for the default permissions available in the LocalIntranet security zone.

<trustInfo>
    <security>
      <applicationRequestMinimum>
        <PermissionSet ID="LocalIntranet">
          <IPermission
            class="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Read="USERNAME" />
          <IPermission
            class="System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Unrestricted="true" />
          <IPermission
            class="System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Allowed="AssemblyIsolationByUser"
            UserQuota="9223372036854775807"
            Expiry="9223372036854775807"
            Permanent="True" />
          <IPermission
            class="System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Flags="ReflectionEmit" />
          <IPermission
            class="System.Security.Permissions.SecurityPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" 
            version="1" 
            Flags="Assertion, Execution" />
          <IPermission 
            class="System.Security.Permissions.UIPermission, mscorlib, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            version="1" 
            Unrestricted="true" />
          <IPermission
            class="System.Net.DnsPermission, System, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            version="1" 
            Unrestricted="true" />
          <IPermission
            class="System.Drawing.Printing.PrintingPermission, System.Drawing, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"
            version="1"
            Level="DefaultPrinting" />
          <IPermission
            class="System.Diagnostics.EventLogPermission, System, Version=1.2.3300.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
            version="1" />
        </PermissionSet>
        <defaultAssemblyRequest permissionSetReference="LocalIntranet" />
      </applicationRequestMinimum>
    </security>
</trustInfo>

The third example illustrates the trustInfo element for the default permissions available in the FullTrust security zone.

<trustInfo>
  <security>
    <applicationRequestMinimum>
      <PermissionSet ID="FullTrust" Unrestricted="true" />
      <defaultAssemblyRequest permissionSetReference="FullTrust" />
    </applicationRequestMinimum>
  </security>
</trustInfo>

See Also

Reference

ClickOnce Application Manifest

Concepts

Trusted Application Deployment Overview