Export (0) Print
Expand All

AppDomain.IsFullyTrusted Property

Gets a value that indicates whether assemblies that are loaded into the current application domain execute with full trust.

Namespace:  System
Assembly:  mscorlib (in mscorlib.dll)

public bool IsFullyTrusted { get; }

Property Value

Type: System.Boolean
true if assemblies that are loaded into the current application domain execute with full trust; otherwise, false.

This method always returns true for the default application domain of an application that runs on the desktop. It returns false for a sandboxed application domain that was created by using the AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) method overload, unless the permissions that are granted to the application domain are equivalent to full trust.

The following example demonstrates the IsFullyTrusted property and the Assembly.IsFullyTrusted property with fully trusted and partially trusted application domains. The fully trusted application domain is the default application domain for the application. The partially trusted application domain is created by using the AppDomain.CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) method overload.

The example uses a Worker class that derives from MarshalByRefObject, so it can be marshaled across application domain boundaries. The example creates a Worker object in the default application domain. It then calls the TestIsFullyTrusted method to display the property value for the application domain and for two assemblies that are loaded into the application domain: mscorlib, which is part of the .NET Framework, and the example assembly. The application domain is fully trusted, so both assemblies are fully trusted.

The example creates another Worker object in a sandboxed application domain and again calls the TestIsFullyTrusted method. Mscorlib is always trusted, even in a partially trusted application domain, but the example assembly is partially trusted.

using System;

namespace SimpleSandboxing
{
    public class Worker : MarshalByRefObject
    {
        static void Main()
        {
            Worker w = new Worker();
            w.TestIsFullyTrusted();

            AppDomain adSandbox = GetInternetSandbox();
            w = (Worker) adSandbox.CreateInstanceAndUnwrap(
                               typeof(Worker).Assembly.FullName,
                               typeof(Worker).FullName);
            w.TestIsFullyTrusted();
        }

        public void TestIsFullyTrusted()
        {
            AppDomain ad = AppDomain.CurrentDomain;
            Console.WriteLine("\r\nApplication domain '{0}': IsFullyTrusted = {1}",
                                        ad.FriendlyName, ad.IsFullyTrusted);

            Console.WriteLine("   IsFullyTrusted = {0} for the current assembly",
                             typeof(Worker).Assembly.IsFullyTrusted);

            Console.WriteLine("   IsFullyTrusted = {0} for mscorlib",
                                        typeof(int).Assembly.IsFullyTrusted);
        }

        // ------------ Helper method --------------------------------------- 
        static AppDomain GetInternetSandbox()
        {
            // Create the permission set to grant to all assemblies.
            System.Security.Policy.Evidence hostEvidence = new System.Security.Policy.Evidence();
            hostEvidence.AddHostEvidence(new System.Security.Policy.Zone(
                                                         System.Security.SecurityZone.Internet));
            System.Security.PermissionSet pset = 
                                System.Security.SecurityManager.GetStandardSandbox(hostEvidence);

            // Identify the folder to use for the sandbox.
            AppDomainSetup ads = new AppDomainSetup();
            ads.ApplicationBase = System.IO.Directory.GetCurrentDirectory();

            // Create the sandboxed application domain. 
            return AppDomain.CreateDomain("Sandbox", hostEvidence, ads, pset, null); 
        }
    }
}

/* This example produces output similar to the following:

Application domain 'Example.exe': IsFullyTrusted = True
   IsFullyTrusted = True for the current assembly
   IsFullyTrusted = True for mscorlib

Application domain 'Sandbox': IsFullyTrusted = False
   IsFullyTrusted = False for the current assembly
   IsFullyTrusted = True for mscorlib
 */

.NET Framework

Supported in: 4.5, 4

.NET Framework Client Profile

Supported in: 4

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft