This documentation is archived and is not being maintained.

How to: Import a Permission Set by Using an XML File

The XML file may contain a permission set (with or without a custom permission) that contains the permissions the application needs to run. You can import the permission set into security policy by using the Caspol.exe (Code Access Security Policy Tool).

The following example shows a permission set and a permission inside an XML file.

<PermissionSet class="NamedPermissionSet" version="1"
  Description="Permission set containing my custom permission">
  <IPermission class="myCustomNamespace.CustomPermission, customPerm,
    Version=, Culture=neutral, PublicKeyToken=64a85a7d791b1a32"
    version="1" Unrestricted="True"/>

The <PermissionSet> element can contain any number of <IPermission> elements, which represent the permissions in the permission set. The class attribute usually contains the value "NamedPermissionSet" or "System.Security.NamedPermissionSet". The version attribute indicates the version of the .NET Framework. The Name attribute is the name of the permission set. The Description attribute provides a description of the permission set. You can modify both the Name and Description attributes.

Caution noteCaution

Before you add the permission set to security policy, you might need to change the XML file so that the state of the permissions meets your needs. See the documentation for the application to learn about the specific attributes for the permission and how to change its state.

The Caspol.exe (Code Access Security Policy Tool) ships with the Windows Software Development Kit (SDK) and supports scripting to change security policy. You can use Caspol.exe to add new permission sets, but not to modify permission sets. If the XML file has only a permission — not a permission set — and you want to add the permission using Caspol.exe, you must wrap the permission in a permission set.

To add a permission set by using Caspol.exe

  • Type the following command at the command prompt:

    caspol {-enterprise|-machine|-user} -addpset xmlFile

    In this command, xmlFile is the name of the file that contains the permission set and the permission.