This documentation is archived and is not being maintained.

Named Permission Sets

A named permission set is a set of permissions that administrators can associate with a code group. A named permission set consists of at least one permission, and a name and description for the permission set. Administrators can use named permission sets to establish or modify the security policy for code groups. More than one code group can be associated with the same named permission set.

The following table shows the built-in named permission sets provided by the common language runtime.

Permission setDescription
NothingNo permissions (code cannot run).
ExecutionPermission to run (execute), but no permissions to use protected resources.
InternetThe default policy permission set suitable for content from unknown origin.
LocalIntranetThe default policy permission set within an enterprise.
EverythingAll standard (built-in) permissions, except permission to skip verification.
FullTrustFull access to all resources.

You cannot modify any of the built in named permission sets. However, it is possible to copy them and modify the copy using the .NET Configuration tool Microsoft Management Console (MMC) snap-in. Administrators can define custom named permission sets as long as their names are different from the built-in named permission sets. Named permission sets cannot contain identity permissions because identity permissions are derived from evidence directly (for permission objects that implement IIdentityPermissionFactory) and are therefore not a product of normal policy evaluation.

See Also

Permissions | Security Policy Management