다음을 통해 공유


Named Permission Sets

A named permission set is a set of permissions that administrators can associate with a code group. A named permission set consists of at least one permission, and a name and description for the permission set. Administrators can use named permission sets to establish or modify the security policy for code groups. More than one code group can be associated with the same named permission set.

The following table shows the built-in named permission sets provided by the common language runtime.

Permission set Description
Nothing No permissions (code cannot run).
Execution Permission to run (execute), but no permissions to use protected resources.
Internet The default policy permission set suitable for content from unknown origin.
LocalIntranet The default policy permission set within an enterprise.
Everything All standard (built-in) permissions, except permission to skip verification.
FullTrust Full access to all resources.

You cannot modify any of the built in named permission sets. However, it is possible to copy them and modify the copy using the .NET Configuration tool Microsoft Management Console (MMC) snap-in. Administrators can define custom named permission sets as long as their names are different from the built-in named permission sets. Named permission sets cannot contain identity permissions because identity permissions are derived from evidence directly (for permission objects that implement IIdentityPermissionFactory) and are therefore not a product of normal policy evaluation.

See Also

Permissions | Security Policy Management