Manages the stack walk that determines whether all callers in the call stack have the required permissions to access a protected resource.
Assembly: mscorlib (in mscorlib.dll)
Thetype exposes the following members.
|Assert||Asserts that the calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource.|
|Demand||Determines at run time whether all callers in the call stack have been granted the permission specified by the current permission object.|
|Deny||Causes every Demand for the current object that passes through the calling code to fail.|
|PermitOnly||Causes every Demand for all objects except the current one that passes through the calling code to fail, even if code higher in the call stack has been granted permission to access other resources.|
Partially trusted code always presents a security risk. It can sometimes be manipulated to perform actions on behalf of malicious code that does not have permission to access a resource. In this way, malicious code can achieve higher security access than it should be allowed.
The common language runtime helps protect managed code from these attacks by running a stack walk on all calls. The stack walk requires that all code in the call stack has permission to access a protected resource. Because the code attempting the attack will always be somewhere in the call stack, it will be unable to exceed its own security permissions.