Export (0) Print
Expand All

EnvironmentPermission Class

Controls access to system and user environment variables. This class cannot be inherited.

Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)

[SerializableAttribute] 
[ComVisibleAttribute(true)] 
public sealed class EnvironmentPermission : CodeAccessPermission, IUnrestrictedPermission
/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public final class EnvironmentPermission extends CodeAccessPermission implements IUnrestrictedPermission
SerializableAttribute 
ComVisibleAttribute(true) 
public final class EnvironmentPermission extends CodeAccessPermission implements IUnrestrictedPermission

Environment variable names are designated by one or more case-insensitive name lists separated by semicolons, with separate lists for read and write access to the named variables. Write access includes the ability to create and delete environment variables as well as to change existing values.

Caution noteCaution

EnvironmentPermission grants permission for access to the environment variable and its value. To deny access to a variable and its value, you must deny access to it and any other variable which contains the same value. For example, to Deny access to the TMP variable and its value, %USERPROFILE%\Local Settings\Temp, you must Deny access to TMP, TEMP, and any other variable that you can use to access that value. A better technique to deal with multiple paths is to use a combination of PermitOnly and Deny. For more information on this subject and the use of PermitOnly with Deny, see "Canonicalization Problems Using Deny" in Using the Deny Method.

The following code example demonstrates the behavior of the EnvironmentPermission methods. The purpose of this example is to show the results of the methods, not to show how the methods are used.

using System;
using System.Security;
using System.Security.Permissions;
using System.Collections;

[assembly: CLSCompliant(true)]

public class EnvironmentPermissionDemo
{
    // IsSubsetOf determines whether the current permission is a subset of the specified permission.
    private bool IsSubsetOfDemo()
    {
        bool returnValue = true;
        EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        EnvironmentPermission envPerm2 = new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "TEMP");
        if (envPerm1.IsSubsetOf(envPerm2))
        {

            Console.WriteLine("'windir' is a subset of 'TEMP'\n");
        }
        else
        {
            Console.WriteLine("windir" + " is not a subset of "
                + "TEMP" + "\n");
        }
        envPerm1.SetPathList(EnvironmentPermissionAccess.Read, "TEMP");

        if (envPerm1.IsSubsetOf(envPerm2))
        {

            Console.WriteLine("Read access is a subset of AllAccess\n");
        }
        else
        {
            Console.WriteLine("Read access is not a subset of AllAccess\n");
        }

        return returnValue;
    }
    // Union creates a new permission that is the union of the current permission and the specified permission.
    private bool UnionDemo()
    {
        bool returnValue = true;
        IPermission envIdPerm3;
        EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        EnvironmentPermission envPerm2 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "TEMP");
        envIdPerm3 = (EnvironmentPermission)envPerm1.Union(envPerm2);
        envIdPerm3 = envPerm1.Union(envPerm2);
        Console.WriteLine("The union of 'windir' and 'TEMP'" +
            " = " + ((EnvironmentPermission)envIdPerm3).GetPathList(EnvironmentPermissionAccess.Read).ToString());

        return returnValue;

    }
    // Intersect creates and returns a new permission that is the intersection of
    // the current permission and the permission specified.
    private bool IntersectDemo()
    {

        IPermission envIdPerm3;
        bool returnValue = true;
        EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        EnvironmentPermission envPerm2 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "TEMP");
        try
        {
            envIdPerm3 = (EnvironmentPermission)envPerm1.Intersect(envPerm2);
            if (envIdPerm3 != null && ((EnvironmentPermission)envIdPerm3).GetPathList(EnvironmentPermissionAccess.Read) != null)
            {
                Console.WriteLine("The intersection of " + "windir" + " and " + "TEMP" +                    " = " + ((EnvironmentPermission)envIdPerm3).GetPathList(EnvironmentPermissionAccess.Read).ToString());
            }
            else
            {
                Console.WriteLine("The intersection of " + "windir" + " and "
                    + "TEMP" + " is null.");
            }
        }
        catch (Exception e)
        {
            Console.WriteLine("An exception was thrown for intersection : " + e);
            returnValue = false;
        }
    
        return returnValue;

    }
    //Copy creates and returns an identical copy of the current permission.
    private bool CopyDemo()
    {
        bool returnValue = true;
        EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        try
        {
            EnvironmentPermission envPerm2 = (EnvironmentPermission)envPerm1.Copy();
            if (envPerm2 != null)
            {
                Console.WriteLine("Result of copy = " + envPerm2.ToString() + "\n");
            }
            else
            {
                Console.WriteLine("Result of copy is null. \n");
            }
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
        }

        return returnValue;
    }
    // ToXml creates an XML encoding of the permission and its current state; FromXml reconstructs
    // a permission with the specified state from the XML encoding.
    private bool ToFromXmlDemo()
    {
        bool returnValue = true;
        EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.Read, "windir");
        EnvironmentPermission envPerm2 = new EnvironmentPermission(PermissionState.None);
        envPerm2.FromXml(envPerm1.ToXml());
        Console.WriteLine("Result of ToFromXml = " + envPerm2.ToString() + "\n");

        return returnValue;

    }
    // AddPathList adds access for the specified environment variables to the existing state of the permission.
    // SetPathList Sets the specified access to the specified environment variables to the existing state
    // of the permission.
    // GetPathList gets all environment variables with the specified EnvironmentPermissionAccess.
    private bool SetGetPathListDemo()
    {
        try
        {
            Console.WriteLine("********************************************************\n");
            Console.WriteLine("Creating an EnvironmentPermission with AllAccess rights for 'TMP'");
            EnvironmentPermission envPerm1 = new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "TMP");
            Console.WriteLine("Adding 'TEMP' to the write access list, and 'windir' to the read access list.");
            envPerm1.AddPathList(EnvironmentPermissionAccess.Write, "TEMP");
            envPerm1.AddPathList(EnvironmentPermissionAccess.Read, "windir");
            Console.WriteLine("Read access list before SetPathList = "
                + envPerm1.GetPathList(EnvironmentPermissionAccess.Read));
            Console.WriteLine("Setting read access to 'TMP'");
            envPerm1.SetPathList(EnvironmentPermissionAccess.Read, "TMP");
            Console.WriteLine("Read access list after SetPathList = "
                + envPerm1.GetPathList(EnvironmentPermissionAccess.Read));
            Console.WriteLine("Write access list = " + envPerm1.GetPathList(EnvironmentPermissionAccess.Write));
            Console.WriteLine("Write access environment variables = "
                + envPerm1.GetPathList(EnvironmentPermissionAccess.AllAccess));
        }
        catch (ArgumentException e)
        {
            // EnvironmentPermissionAccess.AllAccess cannot be used as a parameter for GetPathList.
            Console.WriteLine("An ArgumentException occurred as a result of using AllAccess. "
                + " This property cannot be used as a parameter in GetPathList, because it represents "
                + "more than one type of environment variable : \n" + e);
        }

        return true;
    }
    // Invoke all demos.
    public bool RunDemo()
    {

        bool ret = true;
        bool retTmp;
        // Call IsSubsetOf demo.
        if (retTmp = IsSubsetOfDemo()) Console.Out.WriteLine("IsSubset demo completed successfully.");
        else Console.Out.WriteLine("IsSubset demo failed.");
        ret = retTmp && ret;

        // Call Union demo.
        if (retTmp = UnionDemo()) Console.Out.WriteLine("Union demo completed successfully.");
        else Console.Out.WriteLine("Union demo failed.");
        ret = retTmp && ret;

        // Call Intersect demo.
        if (retTmp = IntersectDemo()) Console.Out.WriteLine("Intersect demo completed successfully.");
        else Console.Out.WriteLine("Intersect demo failed.");
        ret = retTmp && ret;


        // Call Copy demo.
        if (retTmp = CopyDemo()) Console.Out.WriteLine("Copy demo completed successfully.");
        else Console.Out.WriteLine("Copy demo failed.");
        ret = retTmp && ret;

        // Call ToFromXml demo.
        if (retTmp = ToFromXmlDemo()) Console.Out.WriteLine("ToFromXml demo completed successfully.");
        else Console.Out.WriteLine("ToFromXml demo failed.");
        ret = retTmp && ret;

        // Call SetGetPathList demo.
        if (retTmp = SetGetPathListDemo()) Console.Out.WriteLine("SetGetPathList demo completed successfully.");
        else Console.Out.WriteLine("SetGetPathList demo failed.");
        ret = retTmp && ret;

        return (ret);

    }
    // Test harness.
    public static void Main(String[] args)
    {
        try
        {
            EnvironmentPermissionDemo democase = new EnvironmentPermissionDemo();
            bool ret = democase.RunDemo();
            if (ret)
            {
                Console.Out.WriteLine("EnvironmentPermission demo completed successfully.");
                Console.Out.WriteLine("Press the Enter key to exit.");
                string consoleInput = Console.ReadLine();
                System.Environment.ExitCode = 100;
            }
            else
            {
                Console.Out.WriteLine("EnvironmentPermission demo failed.");
                Console.Out.WriteLine("Press the Enter key to exit.");
                string consoleInput = Console.ReadLine();
                System.Environment.ExitCode = 101;
            }
        }
        catch (Exception e)
        {
            Console.Out.WriteLine("EnvironmentPermission demo failed.");
            Console.WriteLine(e.ToString());
            Console.Out.WriteLine("Press the Enter key to exit.");
            string consoleInput = Console.ReadLine();
            System.Environment.ExitCode = 101;
        }
    }
}




System.Object
   System.Security.CodeAccessPermission
    System.Security.Permissions.EnvironmentPermission

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0, 1.1, 1.0

Community Additions

ADD
Show:
© 2014 Microsoft