SocketPermission Class


The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Controls rights to make or accept connections on a transport address.

Namespace:   System.Net
Assembly:  System (in System.dll)

Public NotInheritable Class SocketPermission
	Inherits CodeAccessPermission
	Implements IUnrestrictedPermission

System_CAPS_pubmethodSocketPermission(NetworkAccess, TransportType, String, Int32)

Initializes a new instance of the SocketPermission class for the given transport address with the specified permission.


Initializes a new instance of the SocketPermission class that allows unrestricted access to the Socket or disallows access to the Socket.


Gets a list of EndpointPermission instances that identifies the endpoints that can be accepted under this permission instance.


Gets a list of EndpointPermission instances that identifies the endpoints that can be connected to under this permission instance.

System_CAPS_pubmethodAddPermission(NetworkAccess, TransportType, String, Int32)

Adds a permission to the set of permissions for a transport address.


Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security issues.(Inherited from CodeAccessPermission.)


Creates a copy of a SocketPermission instance.(Overrides CodeAccessPermission.Copy().)


Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.(Inherited from CodeAccessPermission.)


Obsolete. Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.(Inherited from CodeAccessPermission.)


Determines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission.(Inherited from CodeAccessPermission.)


Reconstructs a SocketPermission instance for an XML encoding.(Overrides CodeAccessPermission.FromXml(SecurityElement).)


Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table.(Inherited from CodeAccessPermission.)


Gets the Type of the current instance.(Inherited from Object.)


Returns the logical intersection between two SocketPermission instances.(Overrides CodeAccessPermission.Intersect(IPermission).)


Determines if the current permission is a subset of the specified permission.(Overrides CodeAccessPermission.IsSubsetOf(IPermission).)


Checks the overall permission state of the object.


Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.(Inherited from CodeAccessPermission.)


Creates and returns a string representation of the current permission object.(Inherited from CodeAccessPermission.)


Creates an XML encoding of a SocketPermission instance and its current state.(Overrides CodeAccessPermission.ToXml().)


Returns the logical union between two SocketPermission instances.(Overrides CodeAccessPermission.Union(IPermission).)


Defines a constant that represents all ports.

SocketPermission instances control permission to accept connections or initiate Socket connections. A Socket permission can be established for a host name or IP address, a port number, and a transport protocol.


Avoid creating socket permissions using host names, as these names have to be resolved to IP addresses, and this might block the stack.

The following example demonstrates how to use the SocketPermission class to set, change, and enforce various socket access restrictions.

   ' Creates a SocketPermission restricting access to and from all URIs.
   Dim mySocketPermission1 As New SocketPermission(PermissionState.None)

   ' The socket to which this permission will apply will allow connections from
   mySocketPermission1.AddPermission(NetworkAccess.Accept, TransportType.Tcp, "", 11000)

   ' Creates a SocketPermission which will allow the target Socket to connect with
   Dim mySocketPermission2 As New SocketPermission(NetworkAccess.Connect, TransportType.Tcp, "", 11002)

   ' Creates a SocketPermission from the union of two SocketPermissions.
   Dim mySocketPermissionUnion As SocketPermission = CType(mySocketPermission1.Union(mySocketPermission2), SocketPermission)

   ' Checks to see if the union was successfully created by using the IsSubsetOf method.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionUnion) And mySocketPermission2.IsSubsetOf(mySocketPermissionUnion) Then
      Console.WriteLine("This union contains permissions from both mySocketPermission1 and mySocketPermission2")

      ' Prints the allowable accept URIs to the console.
      Console.WriteLine("This union accepts connections on :")

      Dim myEnumerator As IEnumerator = mySocketPermissionUnion.AcceptList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While

      Console.WriteLine("This union establishes connections on : ")

      ' Prints the allowable connect URIs to the console.
      Console.WriteLine("This union permits connections to :")

      myEnumerator = mySocketPermissionUnion.ConnectList
      While myEnumerator.MoveNext()
         Console.WriteLine(CType(myEnumerator.Current, EndpointPermission).ToString())
      End While
   End If 
   ' Creates a SocketPermission from the intersect of two SocketPermissions.
   Dim mySocketPermissionIntersect As SocketPermission = CType(mySocketPermission1.Intersect(mySocketPermissionUnion), SocketPermission)

   ' mySocketPermissionIntersect should now contain the permissions of mySocketPermission1.
   If mySocketPermission1.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This is expected")
   End If
   ' mySocketPermissionIntersect should not contain the permissios of mySocketPermission2.
   If mySocketPermission2.IsSubsetOf(mySocketPermissionIntersect) Then
      Console.WriteLine("This should not print")
   End If

   ' Creates a copy of the intersect SocketPermission.
   Dim mySocketPermissionIntersectCopy As SocketPermission = CType(mySocketPermissionIntersect.Copy(), SocketPermission)

   If mySocketPermissionIntersectCopy.Equals(mySocketPermissionIntersect) Then
      Console.WriteLine("Copy successfull")
   End If
   ' Converts a SocketPermission to XML format and then immediately converts it back to a SocketPermission.

   ' Checks to see if permission for this socket resource is unrestricted.  If it is, then there is no need to
   ' demand that permissions be enforced.
   If mySocketPermissionUnion.IsUnrestricted() Then

   'Do nothing.  There are no restrictions.
      ' Enforces the permissions found in mySocketPermissionUnion on any Socket Resources used below this statement. 
   End If

   Dim myIpHostEntry As IPHostEntry = Dns.Resolve("")
   Dim myLocalEndPoint As New IPEndPoint(myIpHostEntry.AddressList(0), 11000)

   Dim s As New Socket(myLocalEndPoint.Address.AddressFamily, SocketType.Stream, ProtocolType.Tcp)
   Catch e As Exception
      Console.WriteLine(("Exception Thrown: " + e.ToString()))
   End Try

   ' Perform all socket operations in here.
End Sub 'MySocketPermission

.NET Framework
Available since 1.1

Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top