Export (0) Print
Expand All

CodeAccessPermission::Deny Method

Note: This API is now obsolete.

Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

[ObsoleteAttribute(L"Deny is obsolete and will be removed in a future release of the .NET Framework. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")]
public:
virtual void Deny() sealed

Implements

IStackWalk::Deny()

ExceptionCondition
SecurityException

There is already an active Deny for the current frame.

Important noteImportant

The Deny method should be used only to protect resources from accidental access by fully trusted code. It should not be used to protect resources from intentional misuse by untrusted code. For example, if method A issues a Deny for a permission and then calls method B, method B can overtly override the Deny by issuing an Assert. The called method is always higher in the stack. Therefore, if method B tries to access a protected resource, the security system begins checking for permissions with it because method B is the immediate caller, and then walks down the stack to confirm that there is no Deny or PermitOnly lower in the stack. Method B, which is trying to access the resource, can stop the stack walk immediately by using the Assert method. In that case, the Deny placed on the stack by method A (the calling method) is never discovered.

This method prevents callers higher in the call stack from accessing the protected resource through the code that calls this method, even if those callers have been granted permission to access it. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Deny can limit the liability of the programmer or help prevent accidental security issues because it helps prevent the method that calls Deny from being used to access the resource protected by the denied permission. If a method calls Deny on a permission, and if a Demand for that permission is invoked by a caller lower in the call stack, that security check will fail when it reaches the Deny.

The call to Deny is effective until the calling code returns to its caller. Only one Deny can be active on a frame. An attempt to call Deny when an active Deny exists on the frame results in a SecurityException. Call RevertDeny or RevertAll to remove an active Deny. Deny is ignored for a permission not granted because a demand for that permission will not succeed.

Notes to Inheritors

You cannot override this method.

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0
Obsolete (compiler warning) in 4.5.2
Obsolete (compiler warning) in 4.5.1
Obsolete (compiler warning) in 4.5
Obsolete (compiler warning) in 4

.NET Framework Client Profile

Supported in: 3.5 SP1
Obsolete (compiler warning) in 4

Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Show:
© 2014 Microsoft