System.Security.Permissions.FileIOPermission Class

Summary

Controls the ability to access files and folders. This class cannot be inherited.

C# Syntax:

[Serializable] public sealed class FileIOPermission : CodeAccessPermission, IUnrestrictedPermission

This permission distinguishes between the following four types of file IO access provided by FileIOPermissionAccess:

• Read: Read access to the contents of the file or access to information about the file, such as its length or last modification time.
• Write: Write access to the contents of the file or access to change information about the file, such as its name. Also allows for deletion and overwriting.
• Append: Ability to write to the end of a file only. No ability to read.
• PathDiscovery: Access to the information in the path itself. This protects sensitive information in the path, such as user names, as well as information about the directory structure revealed in the path. This value does not grant access to files or folders represented by the path.

All these permissions are independent, meaning that rights to one do not imply rights to another. For example, Write permission does not imply permission to Read or Append. If more than one permission is desired, they can be combined using a bitwise OR as shown in the code example that follows. File permission is defined in terms of canonical absolute paths; calls should always be made with canonical file paths.

FileIOPermission describes protected operations on files and folders. The File class provides secure access to files and folders. The security access check is performed when the handle to the file is created. By doing the check at creation time, the performance impact of the security check is minimized. Opening a file happens once, while reading and writing can happen multiple times. Once the file is opened, no further checks are done. If the object is passed to an untrusted caller, it can be misused. For example, file handles should not be stored in public global statics where code with less permission can access them.

FileIOPermissionAccess specifies actions that can be performed on the file or folder. In addition, these actions can be combined using a bitwise OR to form complex instances.

Access to a folder implies access to all the files it contains, as well as access to all the files and folders in its subfolders. For example, Read access to C:\folder1\ implies Read access to C:\folder1\file1.txt, C:\folder1\folder2\, C:\folder1\folder2\file2.txt, and so on.

Unrestricted FileIOPermission to a specified file effectively grants permission for all paths within a file system that can be used to access that file. To CodeAccessPermission.Deny access to a file, you must Deny all possible paths to the file. For example, if \\server\share is mapped to the network drive X, to Deny access to \\server\share\file you must Deny \\server\share\file, X:\file, and any other path that you can use to access the file.

The following examples illustrate code that uses FileIOPermission. After the following two lines of code, the object f represents permission to read all files on the client computer's local disks.

 FileIOPermission f = new FileIOPermission(PermissionState.None);
 f.AllLocalFiles = FileIOPermissionAccess.Read;

    

After the following two lines of code, the object f2 represents permissions to read C:\test_r and read and write to C:\example\out.txt.Read and Write represent the file/folder permissions as previously described.

 FileIOPermission f2 = new FileIOPermission(FileIOPermissionAccess.Read, "C:\\test_r");
 f2.AddPathList(FileIOPermissionAccess.Write | FileIOPermissionAccess.Read, "C:\\example\\out.txt");

    

System.Security.Permissions Namespace See also:
MSDN: permissions | MSDN: requestingpermissions | FileIOPermissionAccess | FileIOPermissionAttribute

System.Security.Permissions.FileIOPermission Member List:

Public Constructors

ctor #1	Overloaded: .ctor(PermissionState state) Initializes a new instance of the FileIOPermission class with fully-restricted or unrestricted permission as specified.
ctor #2	Overloaded: .ctor(FileIOPermissionAccess access, string path) Initializes a new instance of the FileIOPermission class with the specified access to the specified file or directory.
ctor #3	Overloaded: .ctor(FileIOPermissionAccess access, string[] pathList) Initializes a new instance of the FileIOPermission class with the specified access to the specified files and directories.

Public Properties

AllFiles	Read-write Gets or sets the permitted access to all files.
AllLocalFiles	Read-write Gets or sets the permitted access to all local files.

Public Methods

AddPathList	Overloaded: AddPathList(FileIOPermissionAccess access, string path) Adds access for the specified file or directory to the existing state of the permission.
AddPathList	Overloaded: AddPathList(FileIOPermissionAccess access, string[] pathList) Adds access for the specified files and directories to the existing state of the permission.
Assert (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Assert Asserts that calling code can access the resource identified by the current permission through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.
Copy	Overridden: Creates and returns an identical copy of the current permission.
Demand (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Demand Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.
Deny (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.Deny Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.
Equals (inherited from System.Object)	See base class member description: System.Object.Equals Derived from System.Object, the primary base class for all objects.
FromXml	Overridden: Reconstructs a permission with a specified state from an XML encoding.
GetHashCode (inherited from System.Object)	See base class member description: System.Object.GetHashCode Derived from System.Object, the primary base class for all objects.
GetPathList	Gets all files and directories with the specified FileIOPermissionAccess.
GetType (inherited from System.Object)	See base class member description: System.Object.GetType Derived from System.Object, the primary base class for all objects.
Intersect	Overridden: Creates and returns a permission that is the intersection of the current permission and the specified permission.
IsSubsetOf	Overridden: Determines whether the current permission is a subset of the specified permission.
IsUnrestricted	Returns a value indicating whether the current permission is unrestricted.
PermitOnly (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.PermitOnly Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.
SetPathList	Overloaded: SetPathList(FileIOPermissionAccess access, string path) Sets the specified access to the specified file or directory, replacing the existing state of the permission.
SetPathList	Overloaded: SetPathList(FileIOPermissionAccess access, string[] pathList) Sets the specified access to the specified files and directories, replacing the current state for the specified access with the new set of paths.
ToString (inherited from System.Security.CodeAccessPermission)	See base class member description: System.Security.CodeAccessPermission.ToString Creates and returns a string representation of the current permission object.
ToXml	Overridden: Creates an XML encoding of the permission and its current state.
Union	Overridden: Creates a permission that is the union of the current permission and the specified permission.

Protected Methods

Finalize (inherited from System.Object)	See base class member description: System.Object.Finalize Derived from System.Object, the primary base class for all objects.
MemberwiseClone (inherited from System.Object)	See base class member description: System.Object.MemberwiseClone Derived from System.Object, the primary base class for all objects.

Hierarchy:

• System.Object
• System.Security.CodeAccessPermission
• System.Security.Permissions.FileIOPermission

System.Security.Permissions.FileIOPermission Member Details

Summary

Initializes a new instance of the FileIOPermission class with fully-restricted or unrestricted permission as specified.

C# Syntax:

public FileIOPermission(    PermissionState state );

state

One of the PermissionState values.

Exceptions

Exception Type	Condition
ArgumentException	The state parameter is not a valid value of PermissionState.

Creates either fully-restricted (None) or Unrestricted access to files and directories.

Return to top

Summary

Initializes a new instance of the FileIOPermission class with the specified access to the specified file or directory.

C# Syntax:

public FileIOPermission(FileIOPermission(    FileIOPermissionAccess access,    string path );

access

A bitwise combination of the FileIOPermissionAccess values.

path

The absolute path of the file or directory.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- The path parameter is not a valid string.

This constructor only allows one of the FileIOPermissionAccess values to be specified for the specified file or directory. Use FileIOPermission.AddPathList to define complex permissions.

Return to top

Summary

Initializes a new instance of the FileIOPermission class with the specified access to the specified files and directories.

C# Syntax:

public FileIOPermission(FileIOPermission(    FileIOPermissionAccess access,    string[] pathList );

access

A bitwise combination of the FileIOPermissionAccess values.

pathList

An array containing the paths of the files and directories.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- An entry in the pathList array is not a valid string.

This constructor only allows one FileIOPermissionAccess value to be specified for the specified files and directories. Use FileIOPermission.AddPathList to define complex permissions.

Return to top

Summary

Gets or sets the permitted access to all files.

C# Syntax:

public FileIOPermissionAccess AllFiles {get; set;}

This property gets or sets the permitted access to all files on the local computer and network drives.

An individual FileIOPermissionAccess value can be checked for using a bitwise AND operation.

Return to top

Summary

Gets or sets the permitted access to all local files.

C# Syntax:

public FileIOPermissionAccess AllLocalFiles {get; set;}

Local files are files contained on the local computer. Any files not accessed through a network drive are local files.

An individual FileIOPermissionAccess value can be checked for using a bitwise AND operation.

Return to top

Summary

Adds access for the specified file or directory to the existing state of the permission.

C# Syntax:

public void AddPathList(    FileIOPermissionAccess access,    string path );

access

A bitwise combination of the FileIOPermissionAccess values.

path

The path of a file or directory.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- The path parameter is not valid.
ArgumentNullException	The path parameter is null.

Use this method to modify file and directory access by adding to the state of the current permission.

Return to top

Summary

Adds access for the specified files and directories to the existing state of the permission.

C# Syntax:

public void AddPathList(    FileIOPermissionAccess access,    string[] pathList );

access

A bitwise combination of the FileIOPermissionAccess values.

pathList

An array containing the paths of the files and directories.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- An entry in the pathList array is not valid.
ArgumentNullException	The pathList parameter is null.

Use this method to modify file and directory access by adding to the state of the current permission.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Assert

Summary

Asserts that calling code can access the resource identified by the current permission through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.

C# Syntax:

public void Assert();

Exceptions

Exception Type	Condition
SecurityException	The calling code does not have SecurityPermissionFlag.Assertion. -or- There is already an active CodeAccessPermission.Assert for the current frame.

Implements:

IStackWalk.Assert

The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack. Calling CodeAccessPermission.Assert prevents a stack walk originating lower in the call stack from proceeding up the call stack beyond the code that calls this method. Therefore, even if callers higher on the call stack do not have the requisite permissions to access a resource, they can still access it through the code that calls this method on the necessary permission. An assertion is effective only if the code that calls CodeAccessPermission.Assert passes the security check for the permission that it is asserting.

The call to CodeAccessPermission.Assert is effective until the calling code returns to its caller. Only one CodeAccessPermission.Assert can be active on a frame. An attempt to call CodeAccessPermission.Assert when an active CodeAccessPermission.Assert exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertAssert or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.Assert.

CodeAccessPermission.Assert is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack calls CodeAccessPermission.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call CodeAccessPermission.Assert. This happens because the code that called CodeAccessPermission.Assert has not been granted the permission, even though it tried to CodeAccessPermission.Assert it.

Because calling CodeAccessPermission.Assert removes the requirement that all code in the call chain must be granted permission to access the specified resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, it should be used with great caution.

Notes to inheritors: You cannot override this method.

SecurityPermission for the ability to call CodeAccessPermission.Assert. Associated enumeration: SecurityPermissionFlag.Assertion

Return to top

Summary

Creates and returns an identical copy of the current permission.

C# Syntax:

public override IPermission Copy();

Return Value:

A copy of the current permission.

Implements:

IPermission.Copy

A copy of the permission represents the same access to resources as the original permission.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Demand

Summary

Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.

C# Syntax:

public void Demand();

Exceptions

Exception Type	Condition
SecurityException	A caller higher in the call stack does not have the permission specified by the current instance. -or- A caller higher in the call stack has called CodeAccessPermission.Deny on the current permission object.

Implements:

IPermission.Demand

Implements:

IStackWalk.Demand

This method is typically used by secure libraries to ensure that callers have permission to access a resource. For example, a file class in a secure class library calls CodeAccessPermission.Demand for the necessary FileIOPermission before performing a file operation requested by the caller.

The permissions of the code that calls this method are not examined; the check begins from the immediate caller of that code and proceeds up the stack. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack. CodeAccessPermission.Demand succeeds only if no SecurityException is raised.

Notes to inheritors: You cannot override this method.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.Deny

Summary

Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

C# Syntax:

public void Deny();

Exceptions

Exception Type	Condition
SecurityException	There is already an active CodeAccessPermission.Deny for the current frame.

Implements:

IStackWalk.Deny

This method prevents callers higher in the call stack from accessing the protected resource through the code that calls this method, even if those callers have been granted permission to access it. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

CodeAccessPermission.Deny can limit the liability of the programmer or prevent accidental security vulnerabilities because it prevents the method that calls CodeAccessPermission.Deny from being used to access the resource protected by the denied permission. If a method calls CodeAccessPermission.Deny on a permission, and if a CodeAccessPermission.Demand for that permission is invoked by a caller lower in the call stack, that security check will fail when it reaches the CodeAccessPermission.Deny.

The call to CodeAccessPermission.Deny is effective until the calling code returns to its caller. Only one CodeAccessPermission.Deny can be active on a frame. An attempt to call CodeAccessPermission.Deny when an active CodeAccessPermission.Deny exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertDeny or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.Deny. CodeAccessPermission.Deny is ignored for a permission not granted because a demand for that permission will not succeed.

Notes to inheritors: You cannot override this method.

Return to top

Inherited
See base class member description: System.Object.Equals

C# Syntax:

public virtual bool Equals(    object obj );

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Object.Finalize

C# Syntax:

~FileIOPermission();

For more information on members inherited from System.Object click on the link above.

Return to top

Summary

Reconstructs a permission with a specified state from an XML encoding.

C# Syntax:

public override void FromXml(    SecurityElement esd );

esd

The XML encoding used to reconstruct the permission.

Exceptions

Exception Type	Condition
ArgumentNullException	The esd parameter is null.
ArgumentException	The esd parameter is not a valid permission element. -or- The esd parameter's version number is not compatible.

Implements:

ISecurityEncodable.FromXml

Return to top

Inherited
See base class member description: System.Object.GetHashCode

C# Syntax:

public virtual int GetHashCode();

For more information on members inherited from System.Object click on the link above.

Return to top

Summary

Gets all files and directories with the specified FileIOPermissionAccess.

C# Syntax:

public string[] GetPathList(    FileIOPermissionAccess access );

access

One of the FileIOPermissionAccess values.

Return Value:

An array containing the paths of the files and directories to which access specified by the access parameter is granted.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess.

Use this method to get the state of the current permission. To get the state of both Read and Write access, two calls to this method are required.

Return to top

Inherited
See base class member description: System.Object.GetType

C# Syntax:

public Type GetType();

For more information on members inherited from System.Object click on the link above.

Return to top

Summary

Creates and returns a permission that is the intersection of the current permission and the specified permission.

C# Syntax:

public override IPermission Intersect(    IPermission target );

target

A permission to intersect with the current permission. It must be the same type as the current permission.

Return Value:

A new permission that represents the intersection of the current permission and the specified permission. This new permission is null if the intersection is empty.

Exceptions

Exception Type	Condition
ArgumentException	The target parameter is not null and is not of the same type as the current permission.

Implements:

IPermission.Intersect

The intersection of two permissions is a permission that describes the set of operations they both describe in common. Only a demand that passes both original permissions will pass the intersection.

Return to top

Summary

Determines whether the current permission is a subset of the specified permission.

C# Syntax:

public override bool IsSubsetOf(    IPermission target );

target

A permission that is to be tested for the subset relationship. This permission must be the same type as the current permission.

Return Value:

true if the current permission is a subset of the specified permission; otherwise, false.

Exceptions

Exception Type	Condition
ArgumentException	The target parameter is not null and is not of the same type as the current permission.

Implements:

IPermission.IsSubsetOf

The current permission is a subset of the specified permission if the current permission specifies a set of operations that is contained by the specified permission. For example, a permission that represents read access to C:\example.txt is a subset of a permission that represents read access to C:\. If this method returns true, the current permission represents no more access to the protected resource than does the specified permission.

Return to top

Summary

Returns a value indicating whether the current permission is unrestricted.

C# Syntax:

public bool IsUnrestricted();

Return Value:

true if the current permission is unrestricted; otherwise, false.

Implements:

IUnrestrictedPermission.IsUnrestricted

An unrestricted permission represents access to all resources protected by the permission.

Return to top

Inherited
See base class member description: System.Object.MemberwiseClone

C# Syntax:

protected object MemberwiseClone();

For more information on members inherited from System.Object click on the link above.

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.PermitOnly

Summary

Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

C# Syntax:

public void PermitOnly();

Exceptions

Exception Type	Condition
SecurityException	There is already an active CodeAccessPermission.PermitOnly for the current frame.

Implements:

IStackWalk.PermitOnly

CodeAccessPermission.PermitOnly is similar to CodeAccessPermission.Deny, in that both cause stack walks to fail when they would otherwise succeed. The difference is that CodeAccessPermission.Deny specifies permissions that will cause the stack walk to fail, but CodeAccessPermission.PermitOnly specifies the only permissions that do not cause the stack walk to fail.

Call this method to ensure that your code can be used to access only the specified resources. The call to CodeAccessPermission.PermitOnly is effective until the calling code returns to its caller. Only one CodeAccessPermission.PermitOnly can be active on a frame. An attempt to call CodeAccessPermission.PermitOnly when an active CodeAccessPermission.PermitOnly exists on the frame results in a SecurityException. Call CodeAccessPermission.RevertPermitOnly or CodeAccessPermission.RevertAll to remove an active CodeAccessPermission.PermitOnly.

CodeAccessPermission.PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack later calls CodeAccessPermission.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call CodeAccessPermission.PermitOnly. This is because the code that called CodeAccessPermission.PermitOnly has not been granted the permission, even though it called CodeAccessPermission.PermitOnly for that permission. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Notes to inheritors: You cannot override this method.

Return to top

Summary

Sets the specified access to the specified file or directory, replacing the existing state of the permission.

C# Syntax:

public void SetPathList(    FileIOPermissionAccess access,    string path );

access

A bitwise combination of the FileIOPermissionAccess values.

path

The path of the file or directory.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- The path parameter is not a valid string.

The previous state of the current permission for the specified access type is overwritten. The following code sets the access for C:\temp to FileIOPermissionAccess.Read.

              SetPathList(FileIOPermissionAccess.Read, "C:\\temp");
                 
            

This access will not be overwritten by the following code because the access types are not the same.

              SetPathList(FileIOPermissionAccess.Write, "C:\\documents");
                 
            

Return to top

Summary

Sets the specified access to the specified files and directories, replacing the current state for the specified access with the new set of paths.

C# Syntax:

public void SetPathList(    FileIOPermissionAccess access,    string[] pathList );

access

A bitwise combination of the FileIOPermissionAccess values.

pathList

An array containing the paths of the files and directories.

Exceptions

Exception Type	Condition
ArgumentException	The access parameter is not a valid value of FileIOPermissionAccess. -or- An entry in the pathList parameter is not a valid string.

The previous state of the current permission for the specified access type is overwritten. The following code sets the access for C:\temp to FileIOPermissionAccess.Read.

              SetPathList(FileIOPermissionAccess.Read, "C:\\temp");
                 
            

This access will not be overwritten by the following code because the access types are not the same.

              SetPathList(FileIOPermissionAccess.Write, "C:\\documents");
                 
            

Return to top

Inherited
See base class member description: System.Security.CodeAccessPermission.ToString

Summary

Creates and returns a string representation of the current permission object.

C# Syntax:

public override string ToString();

Return Value:

A string representation of the current permission object.

This method is useful in debugging when you need to display the permission as a string.

Return to top

Summary

Creates an XML encoding of the permission and its current state.

C# Syntax:

public override SecurityElement ToXml();

Return Value:

An XML encoding of the permission, including any state information.

Implements:

ISecurityEncodable.ToXml

Return to top

Summary

Creates a permission that is the union of the current permission and the specified permission.

C# Syntax:

public override IPermission Union(    IPermission other );

other

A permission to combine with the current permission. It must be the same type as the current permission.

Return Value:

A new permission that represents the union of the current permission and the specified permission.

Exceptions

Exception Type	Condition
ArgumentException	The other parameter is not null and is not of the same type as the current permission.

Implements:

IPermission.Union

The result of a call to FileIOPermission.Union is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union.

Return to top

Top of page