SecurityAction SecurityAction SecurityAction SecurityAction Enum

Definition

선언적 보안을 사용하여 수행할 수 있는 보안 작업을 지정합니다. Specifies the security actions that can be performed using declarative security.

public enum class SecurityAction
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
[Serializable]
public enum SecurityAction
type SecurityAction = 
Public Enum SecurityAction
Inheritance
SecurityActionSecurityActionSecurityActionSecurityAction
Attributes
ComVisibleAttribute ObsoleteAttribute SerializableAttribute

Fields

Assert Assert Assert Assert 3

스택의 상위 호출자에게 리소스에 액세스할 수 있는 권한이 부여되지 않더라도 호출 코드에서 현재 사용 권한 개체로 식별되는 리소스에 액세스할 수 있습니다(Assert 메서드 사용 참조). The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method).

Demand Demand Demand Demand 2

호출 스택의 상위에 있는 모든 호출자에게 현재 사용 권한 개체가 지정한 사용 권한이 부여되었어야 합니다. All callers higher in the call stack are required to have been granted the permission specified by the current permission object.

Deny Deny Deny Deny 4

스택의 상위 호출자에게 리소스에 액세스할 수 있는 권한이 부여되더라도 현재 사용 권한 개체로 식별되는 리소스에 액세스할 수 있습니다(Deny 메서드 사용 참조). The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method).

InheritanceDemand InheritanceDemand InheritanceDemand InheritanceDemand 7

클래스를 상속하거나 메서드를 재정의하는 파생된 클래스에 지정된 사용 권한이 부여되었어야 합니다. The derived class inheriting the class or overriding a method is required to have been granted the specified permission..

LinkDemand LinkDemand LinkDemand LinkDemand 6

직접 실행 호출자에게 지정된 사용 권한이 부여되었어야 합니다. The immediate caller is required to have been granted the specified permission. .NET Framework 4.NET Framework 4에서 사용하지 않습니다. Do not use in the .NET Framework 4.NET Framework 4. 완전 신뢰의 경우 SecurityCriticalAttribute를 사용하고, 부분 신뢰의 경우 Demand를 사용합니다. For full trust, use SecurityCriticalAttribute instead; for partial trust, use Demand.

PermitOnly PermitOnly PermitOnly PermitOnly 5

코드에 다른 리소스에 액세스할 수 있는 권한이 부여되더라도 이 권한 개체가 지정한 리소스에만 액세스할 수 있습니다. Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources.

RequestMinimum RequestMinimum RequestMinimum RequestMinimum 8

코드를 실행하는 데 필요한 최소 사용 권한에 대한 요청입니다. The request for the minimum permissions required for code to run. 이 작업은 어셈블리 범위 내에서만 사용할 수 있습니다. This action can only be used within the scope of the assembly.

RequestOptional RequestOptional RequestOptional RequestOptional 9

선택적인 추가 사용 권한에 대한 요청입니다(실행하는 데 필수는 아님). The request for additional permissions that are optional (not required to run). 이 요청은 특별히 요청되지 않은 다른 모든 사용 권한을 암시적으로 거부합니다. This request implicitly refuses all other permissions not specifically requested. 이 작업은 어셈블리 범위 내에서만 사용할 수 있습니다. This action can only be used within the scope of the assembly.

RequestRefuse RequestRefuse RequestRefuse RequestRefuse 10

잘못 사용될 수 있는 사용 권한을 호출 코드에 부여하지 않도록 하는 요청입니다. The request that permissions that might be misused will not be granted to the calling code. 이 작업은 어셈블리 범위 내에서만 사용할 수 있습니다. This action can only be used within the scope of the assembly.

Examples

이 예제에는 호출된 메서드의 코드에는 CLR에 알려야 하는 방법을 보여 줍니다 IsolatedStoragePermission, 격리 된 저장소에서 읽고 쓰는 방법을 보여 줍니다.This example shows how to notify the CLR that code in called methods has only IsolatedStoragePermission, and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
	WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub 'Main
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class 'App

' This code produces the following output.
'
'  Some test data.

Remarks

다음 표에서 각 보안 작업 위치 및 지원 되는 대상을 사용 하는 시간을 설명 합니다.The following table describes the time that each security action takes place and the targets that it supports.

중요

.NET Framework 4.NET Framework 4, Deny, RequestMinimum, RequestOptional 및 RequestRefuse 권한 요청 적용에 대 한 런타임 지원이 제거 되었습니다.In the .NET Framework 4.NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. .NET Framework 4.NET Framework 4 이상을 기반으로 하는 코드에서는 이러한 요청을 사용하면 안 됩니다.These requests should not be used in code that is based on .NET Framework 4.NET Framework 4 or later. 코드 및 기타 변경 내용에 대 한 자세한 내용은 참조 하세요. 보안 변경 내용합니다.For more information about this and other changes, see Security Changes.

사용 하지 않아야 LinkDemand.NET Framework 4.NET Framework 4합니다.You should not use LinkDemand in the .NET Framework 4.NET Framework 4. 대신 합니다 SecurityCriticalAttribute 완전히 신뢰할 수 있는 응용 프로그램 사용을 제한 하거나 사용 하 여 Demand 부분적으로 신뢰할 수 있는 호출자를 제한 하 합니다.Instead, use the SecurityCriticalAttribute to restrict usage to fully trusted applications, or use Demand to restrict partially trusted callers.

보안 동작의 선언Declaration of security action 동작 시간Time of action 지원 되는 대상Targets supported
LinkDemand (에서 사용 하지 마십시오는 .NET Framework 4.NET Framework 4)LinkDemand (do not use in the .NET Framework 4.NET Framework 4) Just-in-time 컴파일Just-in-time compilation 클래스, 메서드Class, method
InheritanceDemand 로드 시간Load time 클래스, 메서드Class, method
Demand 런타임Run time 클래스, 메서드Class, method
Assert 런타임Run time 클래스, 메서드Class, method
Deny (에서 사용 되지 않는 .NET Framework 4.NET Framework 4)Deny (obsolete in the .NET Framework 4.NET Framework 4) 런타임Run time 클래스, 메서드Class, method
PermitOnly 런타임Run time 클래스, 메서드Class, method
RequestMinimum (에서 사용 되지 않는 .NET Framework 4.NET Framework 4)RequestMinimum (obsolete in the .NET Framework 4.NET Framework 4) 권한 부여 시간Grant time AssemblyAssembly
RequestOptional (에서 사용 되지 않는 .NET Framework 4.NET Framework 4)RequestOptional (obsolete in the .NET Framework 4.NET Framework 4) 권한 부여 시간Grant time AssemblyAssembly
RequestRefuse (에서 사용 되지 않는 .NET Framework 4.NET Framework 4)RequestRefuse (obsolete in the .NET Framework 4.NET Framework 4) 권한 부여 시간Grant time AssemblyAssembly

특성 대상에 대 한 자세한 내용은 참조 하세요. Attribute합니다.For additional information about attribute targets, see Attribute.

Applies to