SecurityAction Enumeration
Collapse the table of content
Expand the table of content

SecurityAction Enumeration

Specifies the security actions that can be performed using declarative security.

Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)

public enum SecurityAction
/** @attribute SerializableAttribute() */ 
/** @attribute ComVisibleAttribute(true) */ 
public enum SecurityAction
public enum SecurityAction

 Member nameDescription
AssertThe calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see [<topic://cpconassert>]). 
DemandAll callers higher in the call stack are required to have been granted the permission specified by the current permission object (see [<topic://cpconmakingsecuritydemands>]). 
DenyThe ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see [<topic://cpcondeny>]). 
InheritanceDemandThe derived class inheriting the class or overriding a method is required to have been granted the specified permission. For more information, see Inheritance Demands
Supported by the .NET Compact FrameworkLinkDemandThe immediate caller is required to have been granted the specified permission. 

For more information, see Link Demands. For more information about declarative security and link demands, see [<topic://cpconDeclarativeSecurityUsedWithClassMemberScope>].

PermitOnlyOnly the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources (see [<topic://cpconpermitonly>]). 
RequestMinimumThe request for the minimum permissions required for code to run. This action can only be used within the scope of the assembly. 
RequestOptionalThe request for additional permissions that are optional (not required to run). This request implicitly refuses all other permissions not specifically requested. This action can only be used within the scope of the assembly.  
RequestRefuseThe request that permissions that might be misused will not be granted to the calling code. This action can only be used within the scope of the assembly. 

The following table describes the time that each of the security actions takes place and the targets that each supports.

Declaration of security action

Time of action

Targets supported


Just-in-time compilation

Class, Method


Load time

Class, Method


Run time

Class, Method


Run time

Class, Method


Run time

Class, Method


Run time

Class, Method


Grant time



Grant time



Grant time


For additional information about attribute targets, see Attribute.

This example shows how to tell the CLR that code in this assembly requires the IsolatedStoragePermission and also demonstrates how to write and read from isolated storage.

using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to grant this assembly the IsolatedStorageFilePermission. 
// This allows the assembly to work with storage files that are isolated 
// by user and assembly.
[assembly: IsolatedStorageFilePermission(SecurityAction.RequestMinimum, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]

public sealed class App
    static void Main()
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
             // Write some data out to the isolated file.
             using (StreamWriter sw = new StreamWriter(s))
                sw.Write("This is some test data.");

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
             // Read the data from the file and display it.
             using (StreamReader sr = new StreamReader(s))

// This code produces the following output.
//  Some test data.

Windows 98, Windows Server 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition

The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.

.NET Framework

Supported in: 3.0, 2.0, 1.1, 1.0

.NET Compact Framework

Supported in: 2.0

XNA Framework

Supported in: 1.0

Community Additions

© 2015 Microsoft