FileCodeGroup Class
Represents a code group that grants access based on the evidence that the code originated from a specific file or set of files.
Summary
The FileCodeGroup class is part of the Code Access Security (CAS) framework in .NET. It allows administrators to define security policies by granting specific permissions to code based on its origin, particularly from files on the local file system.
Constructors
| Member | Description |
|---|---|
|
FileCodeGroup(IIdentityPermission[] identities)
public
|
Initializes a new instance of the FileCodeGroup class with the specified array of identity permissions. |
Properties
| Member | Description |
|---|---|
|
AttributeString
public override string
|
Gets the attribute string associated with the code group. |
|
CreateEvidence()
public override Evidence
|
Creates new evidence for the current code group. |
|
FirstEvidence
public override object
|
Gets or sets the first evidence for the code group. |
|
MergePolicyData
public override string
|
Gets or sets the merge policy data for the code group. |
|
PolicyStatement
public override PolicyStatement
|
Gets or sets the policy statement associated with the code group. |
|
RuleChildren
public override string
|
Gets or sets the rule-based children of the code group. |
|
TagBasedRuntime
public override string
|
Gets or sets the runtime tag for the code group. |
Methods
| Member | Description |
|---|---|
|
Copy()
public override CodeGroup
|
Creates a new code group and copies the specified attributes from the current code group to the new code group. |
|
Equals(object o)
public override bool
|
Determines whether the specified object is equal to the current object. |
|
GetHashCode()
public override int
|
Serves as the default hash function. |
|
GetType()
public override Type
|
Gets the Type of the current instance. |
|
ToString()
public override string
|
Returns a string that represents the current object. |
Inheritance Hierarchy
System.Object
⇦ System.Security.CodeAccessSecurity.CodeGroup
⇦ System.Net.Security.CAS.FileCodeGroup
Remarks
The FileCodeGroup is crucial for implementing file-based security policies. When code is loaded from a file, the CAS infrastructure checks the file's location against the defined FileCodeGroup policies. If a match is found, the permissions associated with that policy are granted to the code.
This class is part of the older Code Access Security (CAS) model, which has been largely superseded by Windows UAC and other modern security mechanisms. However, it remains relevant for understanding .NET security history and for applications that might still be targeting older .NET Framework versions.
Example
Creating a FileCodeGroup
The following example demonstrates how to create a FileCodeGroup that grants full trust to code originating from a specific directory:
using System;
using System.Security;
using System.Security.Policy;
using System.Security.Principal;
public class FileCodeGroupExample
{
public static void Main(string[] args)
{
// Define the file path evidence
File iidentity = new File("C:\\MyApp\\");
Evidence evidence = new Evidence(new object[] { iidentity });
// Create a policy statement (e.g., FullTrust)
PolicyStatement fullTrustStatement = new PolicyStatement(
new PermissionSet(null), // Use default permissions for FullTrust
SecurityAction.PermitOnly
);
// Create a FileCodeGroup with an empty identity array (often used for specific file paths)
// In a real scenario, you might use specific identities depending on the evidence type.
FileCodeGroup fileGroup = new FileCodeGroup(new IIdentityPermission[] { });
// Set the policy statement and other properties
fileGroup.PolicyStatement = fullTrustStatement;
fileGroup.Description = "Grants Full Trust to code from C:\\MyApp\\";
// Add the code group to the current policy level (example)
// IApplicationIdentityIdentity identity = new ApplicationIdentity("MyApp");
// Url url = new Url("file:///C:/MyApp/");
// CodeGroup rootGroup = new UnionCodeGroup(
// new Url("file:///"),
// new PolicyStatement(new PermissionSet(Security.Permissions.SecurityPermission.AllFlags))
// );
// rootGroup.AddChild(fileGroup);
Console.WriteLine($"Created FileCodeGroup: {fileGroup.Description}");
Console.WriteLine($"Attribute String: {fileGroup.AttributeString}");
}
}