SecurityAction 枚举

定义

注意

Code Access Security is not supported or honored by the runtime.

注意

CAS support is not available with Silverlight applications.

指定可以使用声明性安全执行的安全操作。

public enum class SecurityAction
[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public enum SecurityAction
public enum SecurityAction
[System.Serializable]
public enum SecurityAction
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public enum SecurityAction
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
public enum SecurityAction
[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type SecurityAction = 
type SecurityAction = 
[<System.Serializable>]
type SecurityAction = 
[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type SecurityAction = 
[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
[<System.Obsolete("CAS support is not available with Silverlight applications.")>]
type SecurityAction = 
Public Enum SecurityAction
继承
SecurityAction
属性

字段

Assert 3

调用代码可以访问当前权限对象所标识的资源,即使尚未对堆栈中的高级调用方授予访问该资源的权限(请参阅使用断言方法)。

Demand 2

要求调用堆栈中的所有高级调用方已被授予当前权限对象所指定的权限。

Deny 4

即使调用方已被授予访问权限,也会拒绝其访问当前权限对象指定的资源的能力(参见使用 Deny 方法)。

InheritanceDemand 7

要求继承此类或重写某一方法的派生类已被授予了指定的权限。

LinkDemand 6

要求直接调用方已被授予指定的权限。 请勿在 .NET Framework 4 中使用。 对于完全信任,请改用 SecurityCriticalAttribute;对于部分信任,请使用 Demand

PermitOnly 5

仅可以访问此权限对象所指定的资源,即使代码已被授予访问其他资源的权限。

RequestMinimum 8

代码运行所需的最低权限请求。 此操作仅可以在程序集的作用域内使用。

RequestOptional 9

可选的其他权限请求(不要求运行)。 此请求隐式拒绝所有未明确请求的其他权限。 此操作仅可以在程序集的作用域内使用。

RequestRefuse 10

可能被误用的权限将不授予给调用代码的请求。 此操作仅可以在程序集的作用域内使用。

示例

此示例演示如何通知 CLR 调用方法中的代码仅 IsolatedStoragePermission包含,并演示如何从独立存储中写入和读取。

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
    WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods.
// This restricts the called methods to working only with storage files that are isolated
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();
    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class

' This code produces the following output.
'
'  Some test data.

注解

注意

代码访问安全性 (CAS) 已在所有版本的 .NET Framework 和 .NET 中弃用。 使用与 CAS 相关的 API 时,最新版本的 .NET 不遵循 CAS 注释并生成错误。 开发人员应寻求实现安全任务的替代方法。

下表描述了每个安全操作的时间及其支持的目标。

重要

在 .NET Framework 4 中,已删除运行时支持,以强制实施 Deny、RequestMinimum、RequestOptional 和 RequestRefuse 权限请求。 不应在基于 .NET Framework 4 或更高版本的代码中使用这些请求。 有关此更改和其他更改的详细信息,请参阅 安全更改

不应在 .NET Framework 4 中使用LinkDemand。 而是使用 SecurityCriticalAttribute 限制使用完全受信任的应用程序,或使用 Demand 限制部分受信任的调用方。

安全操作声明 操作时间 支持的目标
LinkDemand (在 .NET Framework 4) 中不使用 实时编译 类、方法
InheritanceDemand 加载时间 类、方法
Demand 运行时 类、方法
Assert 运行时 类、方法
Deny.NET Framework 4) 中已过时 ( 运行时 类、方法
PermitOnly 运行时 类、方法
RequestMinimum.NET Framework 4) 中已过时 ( 授予时间 程序集
RequestOptional.NET Framework 4) 中已过时 ( 授予时间 程序集
RequestRefuse.NET Framework 4) 中已过时 ( 授予时间 程序集

有关属性目标的其他信息,请参阅 Attribute

适用于