Upraviť

Zdieľať cez


IStackWalk Interface

Definition

Caution

Code Access Security is not supported or honored by the runtime.

Manages the stack walk that determines whether all callers in the call stack have the required permissions to access a protected resource.

public interface class IStackWalk
[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public interface IStackWalk
public interface IStackWalk
[System.Runtime.InteropServices.ComVisible(true)]
public interface IStackWalk
[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type IStackWalk = interface
type IStackWalk = interface
[<System.Runtime.InteropServices.ComVisible(true)>]
type IStackWalk = interface
Public Interface IStackWalk
Derived
Attributes

Remarks

Caution

Code Access Security (CAS) has been deprecated across all versions of .NET Framework and .NET. Recent versions of .NET do not honor CAS annotations and produce errors if CAS-related APIs are used. Developers should seek alternative means of accomplishing security tasks.

Partially trusted code always presents a security risk. It can sometimes be manipulated to perform actions on behalf of malicious code that does not have permission to access a resource. In this way, malicious code can achieve higher security access than it should be allowed.

The common language runtime helps protect managed code from these attacks by running a stack walk on all calls. The stack walk requires that all code in the call stack has permission to access a protected resource. Because the code attempting the attack will always be somewhere in the call stack, it will be unable to exceed its own security permissions.

Methods

Assert()

Asserts that the calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource.

Demand()

Determines at run time whether all callers in the call stack have been granted the permission specified by the current permission object.

Deny()

Causes every Demand() for the current object that passes through the calling code to fail.

PermitOnly()

Causes every Demand() for all objects except the current one that passes through the calling code to fail, even if code higher in the call stack has been granted permission to access other resources.

Applies to