System.Security.Permissions.EnvironmentPermissionAttribute Class

public sealed class EnvironmentPermissionAttribute : CodeAccessSecurityAttribute

Base Types

Object
  Attribute
    SecurityAttribute
      CodeAccessSecurityAttribute
        EnvironmentPermissionAttribute

Assembly

mscorlib

Library

BCL

Summary

Used to declaratively specify security actions to control access to environment variables.

Description

Environment variable names are case-insensitive. Multiple environment variable names are specified by separating the names using the System.IO.Path.PathSeparator string.

[Note: The level of access to one or more environment variables is specified using the members of the current instance. For example, to specify read permissions for an environment variable, set the System.Security.Permissions.EnvironmentPermissionAttribute.Read property equal to the name of the environment variable.

The security information declared by a security attribute is stored in the metadata of the attribute target, and is accessed by the system at run-time. Security attributes are used for declarative security only. For imperative security, use the corresponding permission class, EnvironmentPermission .

The allowable EnvironmentPermissionAttribute targets are determined by the SecurityAction passed to the constructor.

]

Example

The following example shows a declarative request for the ability to read the specified environment variables. The System.Security.Permissions.SecurityAction.RequestMinimum security action indicates that this is the minimum permission required for the target assembly to be able to execute.

[assembly:EnvironmentPermissionAttribute(SecurityAction.RequestMinimum, Read="COMPUTERNAME;USERNAME;USERDOMAIN")]

The following example shows how to demand that the calling code has unrestricted access to all environment variables. Demands are typically made in managed libraries to protect methods or classes from malicious code.

[EnvironmentPermissionAttribute(SecurityAction.Demand, Unrestricted=true)]

Attributes

AttributeUsageAttribute(AttributeTargets.Assembly | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Constructor | AttributeTargets.Method, AllowMultiple=true, Inherited=false)

See Also

System.Security.Permissions Namespace

Members

EnvironmentPermissionAttribute Constructors

EnvironmentPermissionAttribute Constructor

EnvironmentPermissionAttribute Methods

EnvironmentPermissionAttribute.CreatePermission Method

EnvironmentPermissionAttribute Properties

EnvironmentPermissionAttribute.All Property
EnvironmentPermissionAttribute.Read Property
EnvironmentPermissionAttribute.Write Property

EnvironmentPermissionAttribute Constructor

public EnvironmentPermissionAttribute(SecurityAction action);

Summary

Constructs and initializes a new instance of the EnvironmentPermissionAttribute class with the specified SecurityAction value.

Parameters

action
A SecurityAction value.

Exceptions

Exception TypeCondition
ArgumentExceptionaction is not a valid SecurityAction value.

See Also

System.Security.Permissions.EnvironmentPermissionAttribute Class, System.Security.Permissions Namespace

EnvironmentPermissionAttribute.CreatePermission Method

public override IPermission CreatePermission();

Summary

Returns a new EnvironmentPermission that contains the security information of the current instance.

Return Value

A new EnvironmentPermission object with the security information of the current instance.

Description

[Note: Applications typically do not call this method; it is intended for use by the system.

The security information described by a security attribute is stored in the metadata of the attribute target, and is accessed by the system at run-time. The system uses the object returned by this method to convert the security information of the current instance into the form stored in metadata.

This method overrides System.Security.Permissions.SecurityAttribute.CreatePermission.

]

See Also

System.Security.Permissions.EnvironmentPermissionAttribute Class, System.Security.Permissions Namespace

EnvironmentPermissionAttribute.All Property

public string All { set; }

Summary

Sets the environment variables for which full access is secured.

Property Value

A String containing one or more environment variables for which full access is secured.

Description

This property is write-only.

Multiple environment variable names are specified by separating the names using the System.IO.Path.PathSeparator string. Environment variable names are case-insensitive.

[Note: The security action passed to the constructor of the current instance determines how the specified environment variables are secured. For example, if the action is System.Security.Permissions.SecurityAction.RequestMinimum , then the target of the current instance requires full access to the specified variables in order to execute. If the action is System.Security.Permissions.SecurityAction.RequestRefuse, then the system does not allow the target any access to the specified variables.]

See Also

System.Security.Permissions.EnvironmentPermissionAttribute Class, System.Security.Permissions Namespace

EnvironmentPermissionAttribute.Read Property

public string Read { get; set; }

Summary

Gets or sets the environment variables for which read access is secured.

Property Value

A String containing one or more environment variables for which read access is secured.

Description

Multiple environment variable names are specified by separating the names using the System.IO.Path.PathSeparator string. Environment variable names are case-insensitive.

[Note: The security action passed to the constructor of the current instance determines how the specified environment variables are secured. For example, if the action is System.Security.Permissions.SecurityAction.RequestMinimum , then the target of the current instance requires read access to the specified variables in order to execute. If the action is System.Security.Permissions.SecurityAction.RequestRefuse, then the system does not allow the target to read the specified variables.]

See Also

System.Security.Permissions.EnvironmentPermissionAttribute Class, System.Security.Permissions Namespace

EnvironmentPermissionAttribute.Write Property

public string Write { get; set; }

Summary

Gets or sets the environment variables for which write access is secured.

Property Value

A String containing one or more environment variables for which write access is secured.

Description

Multiple environment variable names are specified by separating the names using the System.IO.Path.PathSeparator string. Environment variable names are case-insensitive.

[Note: The security action passed to the constructor of the current instance determines how the specified environment variables are secured. For example, if the action is System.Security.Permissions.SecurityAction.RequestMinimum , then the target of the current instance requires write access to the specified variables in order to execute. If the action is System.Security.Permissions.SecurityAction.RequestRefuse, then the system does not allow the target to write the specified variables.]

See Also

System.Security.Permissions.EnvironmentPermissionAttribute Class, System.Security.Permissions Namespace