Named Permission Sets

Important noteImportant

In the .NET Framework versionĀ 4, the common language runtime (CLR) is moving away from providing security policy for computers. Microsoft is recommending the use of Windows Software Restriction Policies as a replacement for CLR security policy. The information in this topic applies to the .NET Framework version 3.5 and earlier; it does not apply to version 4.0 and later. For more information about this and other changes, see Security Changes in the .NET Framework 4.

A named permission set is a set of permissions that administrators can associate with a code group. A named permission set consists of at least one permission, and a name and description for the permission set. Administrators can use named permission sets to establish or modify the security policy for code groups. More than one code group can be associated with the same named permission set.

The following table shows the built-in named permission sets provided by the common language runtime.

Permission set

Description

Nothing

No permissions (code cannot run).

Execution

Permission to run (execute), but no permissions to use protected resources.

Internet

The default policy permission set suitable for content from unknown origin.

LocalIntranet

The default policy permission set within an enterprise.

Everything

All standard (built-in) permissions, except permission to skip verification.

FullTrust

Full access to all resources.

You cannot modify any of the built in named permission sets. However, it is possible to copy them and modify the copy using the .NET Configuration tool Microsoft Management Console (MMC) snap-in. Administrators can define custom named permission sets, as long as their names are different from the built-in named permission sets. Named permission sets cannot contain identity permissions because identity permissions are derived from evidence directly (for permission objects that implement IIdentityPermissionFactory) and are therefore not a product of normal policy evaluation.

See Also

Reference

NamedPermissionSet

Concepts

Security Permissions

Other Resources

Security Policy Management