SecurityAction SecurityAction SecurityAction SecurityAction Enum

定義

警告

この API は現在使われていません。

宣言型セキュリティを使用して実行できるセキュリティ アクションを指定します。Specifies the security actions that can be performed using declarative security.

public enum class SecurityAction
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
[System.Serializable]
public enum SecurityAction
type SecurityAction = 
Public Enum SecurityAction
継承
SecurityActionSecurityActionSecurityActionSecurityAction
属性

フィールド

Assert Assert Assert Assert 3

履歴内の上位の呼び出し元がリソースへのアクセス許可を付与されていない場合であっても、呼び出し元のコードは現在のアクセス許可オブジェクトで識別されるリソースにアクセスできます (「Assert メソッドの使用」を参照)。The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method).

Demand Demand Demand Demand 2

呼び出し履歴の上位にあるすべての呼び出し元には、現在のアクセス許可オブジェクトで指定されたアクセス許可が付与されている必要があります。All callers higher in the call stack are required to have been granted the permission specified by the current permission object.

Deny Deny Deny Deny 4

リソースへのアクセス許可を付与されている場合であっても、現在のアクセス許可オブジェクトによって指定されるリソースにアクセスする能力は、呼び出し元に対して拒否されます (「Deny メソッドの使用」を参照)。The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method).

InheritanceDemand InheritanceDemand InheritanceDemand InheritanceDemand 7

クラスを継承する派生クラスやメソッドをオーバーライドする派生クラスに、指定したアクセス許可が与えられている必要があります。The derived class inheriting the class or overriding a method is required to have been granted the specified permission.

LinkDemand LinkDemand LinkDemand LinkDemand 6

直接の呼び出し元には、指定したアクセス許可が付与されている必要があります。The immediate caller is required to have been granted the specified permission. .NET Framework 4.NET Framework 4 では使用しないでください。Do not use in the .NET Framework 4.NET Framework 4. 完全な信頼の場合、SecurityCriticalAttribute を使用します。部分的な信頼の場合は、代わりに Demand を使用します。For full trust, use SecurityCriticalAttribute instead; for partial trust, use Demand.

PermitOnly PermitOnly PermitOnly PermitOnly 5

他のリソースにアクセスできるアクセス許可がコードに付与されていても、このアクセス許可オブジェクトで指定されたリソースにしかアクセスできません。Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources.

RequestMinimum RequestMinimum RequestMinimum RequestMinimum 8

コードを実行するのに必要な最小限のアクセス許可の要求。The request for the minimum permissions required for code to run. この操作は、アセンブリのスコープ内でのみ使用できます。This action can only be used within the scope of the assembly.

RequestOptional RequestOptional RequestOptional RequestOptional 9

省略可能な追加のアクセス許可の要求 (実行には必要ありません)。The request for additional permissions that are optional (not required to run). この要求は、個別に要求されていない、他のすべてのアクセス許可を暗黙的に拒否します。This request implicitly refuses all other permissions not specifically requested. この操作は、アセンブリのスコープ内でのみ使用できます。This action can only be used within the scope of the assembly.

RequestRefuse RequestRefuse RequestRefuse RequestRefuse 10

誤用される可能性のあるアクセス許可が呼び出し元コードに付与されないようにする要求。The request that permissions that might be misused will not be granted to the calling code. この操作は、アセンブリのスコープ内でのみ使用できます。This action can only be used within the scope of the assembly.

この例は、コードが呼び出されたメソッドでのみ、CLR に通知する方法を示しています。 IsolatedStoragePermission、分離ストレージを読み書きする方法も示しています。This example shows how to notify the CLR that code in called methods has only IsolatedStoragePermission, and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
	WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub 'Main
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class 'App

' This code produces the following output.
'
'  Some test data.

注釈

次の表では、各セキュリティ アクションを受け取る場所とターゲットでサポートされる時間について説明します。The following table describes the time that each security action takes place and the targets that it supports.

重要

.NET Framework 4.NET Framework 4Deny、RequestMinimum、RequestOptional、および RequestRefuse アクセス許可要求を適用するためにランタイムのサポートが削除されました。In the .NET Framework 4.NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. これらの要求は、.NET Framework 4.NET Framework 4 以降に基づくコードで使用しないでください。These requests should not be used in code that is based on .NET Framework 4.NET Framework 4 or later. これと他の変更の詳細については、次を参照してください。セキュリティ変更します。For more information about this and other changes, see Security Changes.

使用しないようにするLinkDemandで、.NET Framework 4.NET Framework 4します。You should not use LinkDemand in the .NET Framework 4.NET Framework 4. 代わりに、使用、SecurityCriticalAttributeを完全に信頼されたアプリケーションは、使用量を制限するかを使用するDemand部分的に信頼された呼び出し元を制限します。Instead, use the SecurityCriticalAttribute to restrict usage to fully trusted applications, or use Demand to restrict partially trusted callers.

セキュリティ アクションの宣言Declaration of security action 操作の時刻Time of action サポートされているターゲットTargets supported
LinkDemand (使用しないでください、 .NET Framework 4.NET Framework 4)LinkDemand (do not use in the .NET Framework 4.NET Framework 4) ジャスト イン タイム コンパイルJust-in-time compilation クラス、メソッドClass, method
InheritanceDemand 読み込み時間Load time クラス、メソッドClass, method
Demand 実行時Run time クラス、メソッドClass, method
Assert 実行時Run time クラス、メソッドClass, method
Deny (では古い、 .NET Framework 4.NET Framework 4)Deny (obsolete in the .NET Framework 4.NET Framework 4) 実行時Run time クラス、メソッドClass, method
PermitOnly 実行時Run time クラス、メソッドClass, method
RequestMinimum (では古い、 .NET Framework 4.NET Framework 4)RequestMinimum (obsolete in the .NET Framework 4.NET Framework 4) 時間を与えるGrant time AssemblyAssembly
RequestOptional (では古い、 .NET Framework 4.NET Framework 4)RequestOptional (obsolete in the .NET Framework 4.NET Framework 4) 時間を与えるGrant time AssemblyAssembly
RequestRefuse (では古い、 .NET Framework 4.NET Framework 4)RequestRefuse (obsolete in the .NET Framework 4.NET Framework 4) 時間を与えるGrant time AssemblyAssembly

属性の対象の詳細については、次を参照してください。Attributeします。For additional information about attribute targets, see Attribute.

適用対象