CodeAccessPermission.PermitOnly CodeAccessPermission.PermitOnly CodeAccessPermission.PermitOnly CodeAccessPermission.PermitOnly Method


防止调用堆栈中处于较高位置的调用方通过调用此方法的代码来访问除当前实例指定的资源外的所有资源。Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

 void PermitOnly();
public void PermitOnly ();
member this.PermitOnly : unit -> unit
Public Sub PermitOnly ()



已存在一个用于当前帧的活动的 PermitOnly()There is already an active PermitOnly() for the current frame.



PermitOnly方法应仅用于防止完全受信任的代码意外访问资源。The PermitOnly method should be used only to protect resources from accidental access by fully trusted code. 不应使用它来防止不受信任的代码有意滥用资源。It should not be used to protect resources from intentional misuse by untrusted code. 例如, A如果方法PermitOnly发出权限的,然后调用方法B,则Assert方法B可以PermitOnly通过发出来 overtly 重写。For example, if method A issues a PermitOnly for a permission and then calls method B, method B can overtly override the PermitOnly by issuing an Assert. 调用的方法在堆栈中始终更高。The called method is always higher in the stack. 因此,如果方法B尝试访问受保护的资源,则安全系统会开始检查其权限,因为方法B是直接调用方,然后向下遍历堆栈以Deny确认没有或PermitOnly堆栈中的下限。Therefore, if method B tries to access a protected resource, the security system begins checking for permissions with it because method B is the immediate caller, and then walks down the stack to confirm that there is no Deny or PermitOnly lower in the stack. 尝试B访问资源的方法可以Assert使用方法立即停止堆栈遍历。Method B, which is trying to access the resource, can stop the stack walk immediately by using the Assert method. 在这种情况下PermitOnly ,从不会发现放置在A堆栈 by 方法(调用方法)上的。In that case, the PermitOnly placed on the stack by method A (the calling method) is never discovered.

PermitOnly类似Deny于,在这两个情况下,堆栈遍历将会失败,否则将会成功。PermitOnly is similar to Deny, in that both cause stack walks to fail when they would otherwise succeed. 不同之处在于Deny指定将导致堆栈遍历失败的权限,但PermitOnly指定不会导致堆栈遍历失败的唯一权限。The difference is that Deny specifies permissions that will cause the stack walk to fail, but PermitOnly specifies the only permissions that do not cause the stack walk to fail.

调用此方法以确保你的代码只能用于访问指定的资源。Call this method to ensure that your code can be used to access only the specified resources. 在调用代码PermitOnly返回到其调用方之前,对的调用将有效。The call to PermitOnly is effective until the calling code returns to its caller. 帧上PermitOnly只能有一个处于活动状态。Only one PermitOnly can be active on a frame. 如果在帧上PermitOnly存在活动PermitOnly时尝试调用,则会生成一个SecurityExceptionAn attempt to call PermitOnly when an active PermitOnly exists on the frame results in a SecurityException. 调用RevertPermitOnlyRevertAll删除活动PermitOnlyCall RevertPermitOnly or RevertAll to remove an active PermitOnly.

PermitOnly对于未授予的权限,将忽略,因为对该权限的请求将不会成功。PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. 但是,如果调用堆栈上较低的代码以后Demand调用了该权限SecurityException ,则当堆栈遍历到达尝试调用PermitOnly的代码时,将引发。However, if code lower on the call stack later calls Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call PermitOnly. 这是因为调用PermitOnly的代码没有获得权限,即使它是为该权限调用PermitOnly的。This is because the code that called PermitOnly has not been granted the permission, even though it called PermitOnly for that permission. 调用堆栈通常表示为向下增长,因此调用堆栈中较高位置的方法调用堆栈中较低的调用方法。The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.


不能重写此方法。You cannot override this method.