Export (0) Print
Expand All

CodeAccessPermission.PermitOnly Method

Updated: July 2008

Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

public final function PermitOnly()

Implements

IStackWalk.PermitOnly()

ExceptionCondition
SecurityException

There is already an active PermitOnly for the current frame.

Important noteImportant Note:

The PermitOnly method should be used only to protect resources from accidental access by fully trusted code. It should not be used to protect resources from intentional misuse by untrusted code. For example, if method A issues a PermitOnly for a permission and then calls method B, method B can overtly override the PermitOnly by issuing an Assert. The called method is always higher in the stack. Therefore, if method B tries to access a protected resource, the security system begins checking for permissions with it because method B is the immediate caller, and then walks down the stack to confirm that there is no Deny or PermitOnly lower in the stack. Method B, which is trying to access the resource, can stop the stack walk immediately by using the Assert method. In that case, the PermitOnly placed on the stack by method A (the calling method) is never discovered.

PermitOnly is similar to Deny, in that both cause stack walks to fail when they would otherwise succeed. The difference is that Deny specifies permissions that will cause the stack walk to fail, but PermitOnly specifies the only permissions that do not cause the stack walk to fail.

Call this method to ensure that your code can be used to access only the specified resources. The call to PermitOnly is effective until the calling code returns to its caller. Only one PermitOnly can be active on a frame. An attempt to call PermitOnly when an active PermitOnly exists on the frame results in a SecurityException. Call RevertPermitOnly or RevertAll to remove an active PermitOnly.

PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack later calls Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call PermitOnly. This is because the code that called PermitOnly has not been granted the permission, even though it called PermitOnly for that permission. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Notes to Inheritors:

You cannot override this method.

The following code example shows the use of the PermitOnly method to limit access to all resources except for the resource specified by the current instance. This code example is part of a larger example provided for the RevertAll method.

No code example is currently available or this language may not be supported.

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0, 1.1, 1.0

Date

History

Reason

July 2008

Added important note about the recommended use of this method.

Customer feedback.

Community Additions

ADD
Show:
© 2014 Microsoft