This documentation is archived and is not being maintained.

HostSecurityManager Class

Allows the control and customization of security behavior for application domains.


Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

[SecurityPermissionAttribute(SecurityAction.InheritanceDemand, Flags = SecurityPermissionFlag.Infrastructure)]
public class HostSecurityManager

The HostSecurityManager type exposes the following members.

Public methodHostSecurityManagerInitializes a new instance of the HostSecurityManager class.

Public propertyDomainPolicy Obsolete. When overridden in a derived class, gets the security policy for the current application domain.
Public propertyFlagsGets the flag representing the security policy components of concern to the host.

Public methodDetermineApplicationTrustDetermines whether an application should be executed.
Public methodEquals(Object)Determines whether the specified Object is equal to the current Object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGenerateAppDomainEvidenceRequests a specific evidence type for the application domain.
Public methodGenerateAssemblyEvidenceRequests a specific evidence type for the assembly.
Public methodGetHashCodeServes as a hash function for a particular type. (Inherited from Object.)
Public methodGetHostSuppliedAppDomainEvidenceTypesDetermines which evidence types the host can supply for the application domain, if requested.
Public methodGetHostSuppliedAssemblyEvidenceTypesDetermines which evidence types the host can supply for the assembly, if requested.
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodProvideAppDomainEvidenceProvides the application domain evidence for an assembly being loaded.
Public methodProvideAssemblyEvidenceProvides the assembly evidence for an assembly being loaded.
Public methodResolvePolicyDetermines what permissions to grant to code based on the specified evidence.
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)

When you create a new AppDomain, the common language runtime queries the AppDomainManager for the presence of a HostSecurityManager, which participates in making security decisions for the AppDomain. Host providers should implement a host security manager that inherits from the HostSecurityManager class.

Notes to Inheritors

Some members of a HostSecurityManager are called whenever an assembly is loaded, either implicitly or explicitly. The ProvideAssemblyEvidence and ProvideAppDomainEvidence methods must not load any assemblies, because doing so will result in the members of the HostSecurityManager being recursively called. To avoid circular references, you should create new instances of classes that can cause assemblies to be loaded, either implicitly or explicitly, in the constructor of a class that derives from HostSecurityManager.

The following example shows a very simple implementation of a HostSecurityManager.

// To replace the default security manager with MySecurityManager, add the 
// assembly to the GAC and call MySecurityManager in the
// custom implementation of the AppDomainManager.

using System;
using System.Collections;
using System.Net;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Security.Principal;
using System.Threading;
using System.Runtime.InteropServices;
using System.Runtime.Hosting;

[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyNamespace
    [SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.Infrastructure)]
    public class MySecurityManager : HostSecurityManager
        public MySecurityManager()
            Console.WriteLine(" Creating MySecurityManager.");

        private HostSecurityManagerOptions hostFlags = HostSecurityManagerOptions.HostDetermineApplicationTrust |
        public override HostSecurityManagerOptions Flags
                return hostFlags;

        public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
            Console.WriteLine("Provide assembly evidence for: " + (loadedAssembly == null ? "Unknown" : loadedAssembly.ToString()) + ".");
            if (evidence == null)
                return null;

            evidence.AddAssemblyEvidence(new CustomEvidenceType());
            return evidence;
        public override Evidence ProvideAppDomainEvidence(Evidence evidence)
            Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.");
            if (evidence == null)
                return null;

            evidence.AddHostEvidence(new CustomEvidenceType());
            return evidence;

        [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
        [SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
        public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
            if (applicationEvidence == null)
                throw new ArgumentNullException("applicationEvidence");

            // Get the activation context from the application evidence.
            // This HostSecurityManager does not examine the activator evidence
            // nor is it concerned with the TrustManagerContext;
            // it simply grants the requested grant in the application manifest.

            IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
            ActivationArguments activationArgs = null;
            while (enumerator.MoveNext())
                activationArgs = enumerator.Current as ActivationArguments;
                if (activationArgs != null)

            if (activationArgs == null)
                return null;

            ActivationContext activationContext = activationArgs.ActivationContext;
            if (activationContext == null)
                return null;

            ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
            ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
            trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
            trust.IsApplicationTrustedToRun = true;
            return trust;

    public class CustomEvidenceType : EvidenceBase
        public CustomEvidenceType() { }

        public override string ToString()
            return "CustomEvidenceType";

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

  • SecurityCriticalAttribute 

    requires full trust for the immediate caller. This class cannot be used by partially trusted or transparent code.

  • InheritanceDemand 

    for full trust for inheritors. This class cannot be inherited by partially trusted code.

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.