組件繫結重新導向安全性使用權限Assembly Binding Redirection Security Permission

在應用程式組態檔中進行明確的組件繫結重新導向必須擁有安全性權限。Explicit assembly binding redirection in an application configuration file requires a security permission. 這適用於 .NET Framework 組件和協力廠商組件的重新導向。This applies to redirection of .NET Framework assemblies and assemblies from third parties. 許可權是藉由SecurityPermissionFlag SecurityPermission在上設定旗標來授與。The permission is granted by setting the SecurityPermissionFlag flag on the SecurityPermission. 受控元件預設沒有任何許可權。Managed assemblies have no permissions by default.

安全性許可權會授與在 [信任的區域 (本機電腦)] 和 [內部網路] 區域中執行的應用程式。The security permission is granted to applications running in the Trusted Zone (local machine) and Intranet Zone. 在網際網路區域中執行的應用程式, 絕對不會被禁止執行元件系結重新導向。Applications running in the Internet Zone are strictly prohibited from performing assembly binding redirection.

如果在元件發行者所控制的發行者原則檔中, 或在系統管理員所控制的電腦設定檔中執行元件重新導向, 則不需要許可權。The permission is not required if assembly redirection is performed in a publisher policy file that is controlled by the component publisher, or in the machine configuration file that is controlled by the administrator. 不過, 應用程式必須具備許可權, 才能使用應用程式佈建檔中的 <publisherPolicy apply = "no"/>元素明確忽略發行者原則。However, the permission is required for an application to explicitly ignore publisher policy using the <publisherPolicy apply="no"/> element in the application configuration file.

下表顯示BindingRedirects旗標的預設安全性設定。The following table shows the default security settings for the BindingRedirects flag.

區域Zone BindingRedirects 旗標設定BindingRedirects flag setting
信任的區域 (本機電腦)Trusted Zone (local machine) ON
內部網路區域Intranet Zone ON
網際網路區域Internet Zone OFFOFF
不受信任的區域Untrusted zones OFFOFF

系統管理員可以變更這些安全性設定, 以支援或限制指定電腦上的特定案例。An administrator can change these security settings to support or restrict specific scenarios on a given computer. 沒有任何工具可變更BindingRedirects旗標設定的預設值;系統管理員必須手動編輯使用者電腦上的安全 .config 檔案。There are no tools for changing the BindingRedirects flag setting from the default; an administrator must manually edit the Security.config file on a user's computer.

另請參閱See also