Named Permission Sets
A named permission set is a set of permissions that administrators can associate with a code group. A named permission set consists of at least one permission, and a name and description for the permission set. Administrators can use named permission sets to establish or modify the security policy for code groups. More than one code group can be associated with the same named permission set.
The following table shows the built-in named permission sets provided by the common language runtime.
Permission set | Description |
---|---|
Nothing |
No permissions (code cannot run). |
Execution |
Permission to run (execute), but no permissions to use protected resources. |
Internet |
The default policy permission set suitable for content from unknown origin. |
LocalIntranet |
The default policy permission set within an enterprise. |
Everything |
All standard (built-in) permissions, except permission to skip verification. |
FullTrust |
Full access to all resources. |
You cannot modify any of the built in named permission sets. However, it is possible to copy them and modify the copy using the .NET Configuration tool Microsoft Management Console (MMC) snap-in. Administrators can define custom named permission sets, as long as their names are different from the built-in named permission sets. Named permission sets cannot contain identity permissions because identity permissions are derived from evidence directly (for permission objects that implement IIdentityPermissionFactory) and are therefore not a product of normal policy evaluation.