MSDN Library

Documentation for .NET Framework

PolicyLevel Class

Represents a code access security (CAS) policy level.

Namespace: System.Net.Security.CAS
Assembly: System.dll

Syntax


public sealed class PolicyLevel

Remarks

A PolicyLevel object represents a single level of code access security policy. This class is part of the Code Access Security (CAS) infrastructure in .NET Framework, which has been largely superseded by modern security models. Policy levels define sets of permissions that are granted to code based on its evidence. These levels are typically configured at different scopes, such as Enterprise, Machine, User, and Application Domain. Direct manipulation of CAS policy levels is generally not recommended for new development.

Note: Code Access Security (CAS) is a feature of earlier versions of the .NET Framework. It is not recommended for use in new applications. For more information, see Code Access Security Has Been Deprecated.

Methods

Name Description
AddNamedPermissionSet Adds a named permission set to the policy level.
ChangeMembership Changes the membership of a code group.
CreateX509CertificateEvidence Creates an evidence object of type X509Certificate.
FromXml Reconstructs a policy level with the specified state from XML encoding.
ToXml Generates an XML encoding of the current policy level that includes the current state of the policy level.

Properties

Name Description
BuiltInPermissionSets Gets the collection of built-in permission sets for the policy level.
CodeGroups Gets or sets the root code group for the policy level.
Label Gets the descriptive label for the policy level.
NamedPermissionSets Gets the collection of named permission sets for the policy level.
Type Gets the type of the policy level.

Example

The following example demonstrates how to access and modify policy levels.


using System;
using System.Security.Policy;
using System.Security.Permissions;

public class PolicyLevelExample
{
    public static void Main(string[] args)
    {
        try
        {
            // Get the application domain policy level
            PolicyLevel appDomainLevel = System.Security.Policy.PolicyManager.GetAppDomainPolicy();

            Console.WriteLine("Policy Level Label: {0}", appDomainLevel.Label);
            Console.WriteLine("Policy Level Type: {0}", appDomainLevel.Type);

            // Example: Adding a new permission set (demonstrative, often complex)
            // This is a simplified example and may not be directly executable without a full CAS setup.
            /*
            PermissionSet writePermissionSet = new PermissionSet(
                SecurityAction.Demand,
                new FileIOPermission(FileIOPermissionAccess.Write, @"C:\Temp\"));

            appDomainLevel.AddNamedPermissionSet(new NamedPermissionSet("MyWriteSet", writePermissionSet));
            Console.WriteLine("Added 'MyWriteSet' to the policy level.");
            */

            // Example: Accessing named permission sets
            Console.WriteLine("\nNamed Permission Sets:");
            foreach (String name in appDomainLevel.NamedPermissionSets)
            {
                Console.WriteLine("- {0}", name);
            }
        }
        catch (Exception ex)
        {
            Console.WriteLine("An error occurred: {0}", ex.Message);
        }
    }
}

Requirements

Supported in: .NET Framework 1.0, 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.6, 4.7, 4.8

See Also

System.Net.Security Namespace Code Access Security (CAS) Overview PermissionSet Class CodeGroup Class