Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

HostSecurityManager Class

Note: This class is new in the .NET Framework version 2.0.

Allows the control and customization of security behavior for application domains.

Namespace: System.Security
Assembly: mscorlib (in mscorlib.dll)

public class HostSecurityManager
/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public class HostSecurityManager
public class HostSecurityManager

When you create a new AppDomain, the common language runtime queries the AppDomainManager for the presence of a HostSecurityManager, which participates in making security decisions for the AppDomain. Host providers should implement a host security manager that inherits from the HostSecurityManager class.

Notes to Inheritors Some members of a HostSecurityManager are called whenever an assembly is loaded, either implicitly or explicitly. The get accessor for the DomainPolicy property and the ProvideAssemblyEvidence and ProvideAppDomainEvidence methods must not load any assemblies, because doing so will result in the members of the HostSecurityManager being recursively called. To avoid circular references, you should create new instances of classes that can cause assemblies to be loaded, either implicitly or explicitly, in the constructor of a class that derives from HostSecurityManager.

The following code example shows a very simple implementation of a HostSecurityManager.

// To replace the default security manager with MySecurityManager, add the 
// assembly to the GAC and call MySecurityManager in the
// custom implementation of the AppDomainManager.

using System;
using System.Collections;
using System.Net;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Security.Principal;
using System.Threading;
using System.Runtime.InteropServices;
using System.Runtime.Hosting;

[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyNamespace
       [SecurityPermissionAttribute(SecurityAction.Demand, Flags=SecurityPermissionFlag.Infrastructure)]
	public class MySecurityManager : HostSecurityManager
		public MySecurityManager()
			Console.WriteLine(" Creating MySecurityManager.");

		private PolicyLevel myDomainPolicy = null;
		public override PolicyLevel DomainPolicy
				if (AppDomain.CurrentDomain.FriendlyName == "DefaultDomain" ||
					AppDomain.CurrentDomain.FriendlyName == "Compilation Domain")
					return null;

				if (myDomainPolicy == null)
					myDomainPolicy = CreateAppDomainPolicy();
				return myDomainPolicy;

		private HostSecurityManagerOptions hostFlags = HostSecurityManagerOptions.HostDetermineApplicationTrust |
		public override HostSecurityManagerOptions Flags
				return hostFlags;

		public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
			Console.WriteLine("Provide assembly evidence for: " + (loadedAssembly == null ? "Unknown" : loadedAssembly.ToString()) + ".");
			if (evidence == null)
				return null;

			evidence.AddAssembly(new CustomEvidenceType());
			return evidence;
		public override Evidence ProvideAppDomainEvidence(Evidence evidence)
			Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain." );
			if (evidence == null)
				return null;

			evidence.AddHost(new CustomEvidenceType());
			return evidence;

        [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
		[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
		public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
			if (applicationEvidence == null)
				throw new ArgumentNullException("applicationEvidence");

			// Get the activation context from the application evidence.
			// This HostSecurityManager does not examine the activator evidence
			// nor is it concerned with the TrustManagerContext;
			// it simply grants the requested grant in the application manifest.

			IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
			ActivationArguments activationArgs = null;
			while (enumerator.MoveNext())
				activationArgs = enumerator.Current as ActivationArguments;
				if (activationArgs != null)

			if (activationArgs == null)
				return null;

			ActivationContext activationContext = activationArgs.ActivationContext;
			if (activationContext == null)
				return null;

			ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
			ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
			trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
			trust.IsApplicationTrustedToRun = true;
			return trust;

		private static NamedPermissionSet localIntranet;
		private static PolicyLevel CreateAppDomainPolicy()
			Console.WriteLine("CreateAppDomainPolicy called.");
			PolicyLevel pLevel = PolicyLevel.CreateAppDomainLevel();
			// The root code group of the policy level combines all
			// permissions of its children.
			UnionCodeGroup rootCodeGroup;
			PermissionSet ps = new PermissionSet(PermissionState.None);
			ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
			rootCodeGroup = new UnionCodeGroup(new AllMembershipCondition(),
				new PolicyStatement(ps, PolicyStatementAttribute.Nothing));

			// The following code limits all code on this machine to local intranet permissions
			// when running in this application domain.
			UnionCodeGroup virtualIntranet = new UnionCodeGroup(
				new ZoneMembershipCondition(SecurityZone.MyComputer),
				new PolicyStatement(localIntranet,
			virtualIntranet.Name = "Virtual Intranet";
			// Add the code groups to the policy level.
			pLevel.RootCodeGroup = rootCodeGroup;
			return pLevel;

		private static void FindNamedPermissionSet(string name)
			IEnumerator policyEnumerator = SecurityManager.PolicyHierarchy();

			while (policyEnumerator.MoveNext())
				PolicyLevel currentLevel = (PolicyLevel)policyEnumerator.Current;

				if (currentLevel.Label == "Machine")
					IList namedPermissions = currentLevel.NamedPermissionSets;
					IEnumerator namedPermission = namedPermissions.GetEnumerator();

					while (namedPermission.MoveNext())
						if (((NamedPermissionSet)namedPermission.Current).Name == name)
							Console.WriteLine("Named permission set " +
								((NamedPermissionSet)namedPermission.Current).Name + " found.");
							// Save the LocalIntranet permissions set for later use.
							localIntranet = ((NamedPermissionSet)namedPermission.Current);
    public class CustomEvidenceType
        public CustomEvidenceType() { }

        public override string ToString()
            return "CustomEvidenceType";


Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see System Requirements.

.NET Framework

Supported in: 2.0

Community Additions

© 2015 Microsoft