From ba77682b503c977ddf8df71fd1b42df6bdaf0f98 Mon Sep 17 00:00:00 2001 From: Genevieve Warren <24882762+gewarren@users.noreply.github.com> Date: Fri, 29 May 2026 14:31:41 -0700 Subject: [PATCH 1/2] Remove .NET Framework remarks --- .../CodeAccessSecurityAttribute.xml | 19 +- .../DataProtectionPermission.xml | 83 +------- .../DataProtectionPermissionAttribute.xml | 51 +---- .../DataProtectionPermissionFlags.xml | 9 +- .../EnvironmentPermission.xml | 98 +-------- .../EnvironmentPermissionAccess.xml | 5 - .../EnvironmentPermissionAttribute.xml | 48 +---- .../FileDialogPermission.xml | 56 +---- .../FileDialogPermissionAttribute.xml | 15 +- .../FileIOPermission.xml | 194 ++---------------- .../FileIOPermissionAccess.xml | 7 - .../FileIOPermissionAttribute.xml | 128 +----------- .../GacIdentityPermission.xml | 87 +------- .../GacIdentityPermissionAttribute.xml | 37 +--- .../HostProtectionAttribute.xml | 120 +---------- .../HostProtectionResource.xml | 2 - .../IUnrestrictedPermission.xml | 2 - .../IsolatedStorageContainment.xml | 22 -- .../IsolatedStorageFilePermission.xml | 61 +----- ...IsolatedStorageFilePermissionAttribute.xml | 19 +- .../IsolatedStoragePermission.xml | 32 +-- .../IsolatedStoragePermissionAttribute.xml | 19 +- .../KeyContainerPermission.xml | 92 +-------- .../KeyContainerPermissionAccessEntry.xml | 143 +------------ ...ntainerPermissionAccessEntryCollection.xml | 104 +--------- ...ntainerPermissionAccessEntryEnumerator.xml | 56 +---- .../KeyContainerPermissionAttribute.xml | 121 ++--------- .../KeyContainerPermissionFlags.xml | 7 - .../MediaPermission.xml | 67 +----- .../MediaPermissionAttribute.xml | 51 +---- .../MediaPermissionAudio.xml | 2 - .../MediaPermissionImage.xml | 2 - .../MediaPermissionVideo.xml | 2 - .../PermissionSetAttribute.xml | 55 +---- .../PermissionState.xml | 10 +- .../PrincipalPermission.xml | 102 +-------- .../PrincipalPermissionAttribute.xml | 47 +---- .../PublisherIdentityPermission.xml | 75 +------ .../PublisherIdentityPermissionAttribute.xml | 54 +---- .../ReflectionPermission.xml | 63 +----- .../ReflectionPermissionAttribute.xml | 24 +-- .../ReflectionPermissionFlag.xml | 10 +- .../RegistryPermission.xml | 139 ++----------- .../RegistryPermissionAccess.xml | 5 - .../RegistryPermissionAttribute.xml | 89 +------- .../ResourcePermissionBase.xml | 77 +------ .../ResourcePermissionBaseEntry.xml | 18 +- .../SecurityAction.xml | 23 +-- .../SecurityAttribute.xml | 36 +--- .../SecurityPermission.xml | 65 +----- .../SecurityPermissionAttribute.xml | 58 +----- .../SecurityPermissionFlag.xml | 5 - .../SiteIdentityPermission.xml | 105 +--------- .../SiteIdentityPermissionAttribute.xml | 39 +--- .../StorePermission.xml | 92 +-------- .../StorePermissionAttribute.xml | 91 +------- .../StorePermissionFlags.xml | 2 - .../StrongNameIdentityPermission.xml | 111 +--------- .../StrongNameIdentityPermissionAttribute.xml | 29 +-- .../StrongNamePublicKeyBlob.xml | 17 +- .../TypeDescriptorPermission.xml | 10 - .../UIPermission.xml | 78 +------ .../UIPermissionAttribute.xml | 19 +- .../UIPermissionClipboard.xml | 6 +- .../UIPermissionWindow.xml | 45 +--- .../UrlIdentityPermission.xml | 96 +-------- .../UrlIdentityPermissionAttribute.xml | 35 +--- .../WebBrowserPermission.xml | 82 +------- .../WebBrowserPermissionAttribute.xml | 23 +-- .../WebBrowserPermissionLevel.xml | 8 - .../ZoneIdentityPermission.xml | 69 +------ .../ZoneIdentityPermissionAttribute.xml | 22 +- 72 files changed, 350 insertions(+), 3345 deletions(-) diff --git a/xml/System.Security.Permissions/CodeAccessSecurityAttribute.xml b/xml/System.Security.Permissions/CodeAccessSecurityAttribute.xml index 9279e223065..6eb9baaea5a 100644 --- a/xml/System.Security.Permissions/CodeAccessSecurityAttribute.xml +++ b/xml/System.Security.Permissions/CodeAccessSecurityAttribute.xml @@ -91,18 +91,8 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This attribute class associates a , for example, `Demand`, with a custom security attribute. - - The types that derive from are used to help restrict access to resources or securable operations. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. Use the corresponding permission class derived from for imperative security. - ]]> - - All permission attributes derived from this class must have only a single constructor that takes a as its only parameter. - - Extending Metadata Using Attributes @@ -155,14 +145,7 @@ One of the values. Initializes a new instance of with the specified . - - - + To be added. Derived classes must have only one constructor that takes a as its only parameter. diff --git a/xml/System.Security.Permissions/DataProtectionPermission.xml b/xml/System.Security.Permissions/DataProtectionPermission.xml index 4291411909f..4f380aa2492 100644 --- a/xml/System.Security.Permissions/DataProtectionPermission.xml +++ b/xml/System.Security.Permissions/DataProtectionPermission.xml @@ -48,8 +48,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission is used to control the ability to encrypt data and memory using the and classes. - ]]> @@ -133,14 +131,7 @@ One of the values. Initializes a new instance of the class with the specified permission state. - - - + To be added. is not a valid value. @@ -178,14 +169,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -219,14 +203,7 @@ Gets or sets the data and memory protection flags. A bitwise combination of the values. - - and classes can be used. - - ]]> - + To be added. The specified value is not a valid combination of the values. @@ -264,14 +241,7 @@ A that contains the XML encoding used to reconstruct the permission. Reconstructs a permission with a specific state from an XML encoding. - - method reconstructs a object from an XML encoding defined by the class. Use the method to XML-encode the , including state information. - - ]]> - + To be added. is . @@ -317,14 +287,7 @@ A permission to intersect with the current permission. It must be the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. is not and does not specify a permission of the same type as the current permission. @@ -365,14 +328,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - access is a subset of a permission for access. - - ]]> - + To be added. is not and does not specify a permission of the same type as the current permission. @@ -413,14 +369,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -455,14 +404,7 @@ Creates an XML encoding of the permission and its current state. An XML encoding of the permission, including state information. - - method to restore the state information from a . - - ]]> - + To be added. @@ -500,14 +442,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. is not and does not specify a permission of the same type as the current permission. diff --git a/xml/System.Security.Permissions/DataProtectionPermissionAttribute.xml b/xml/System.Security.Permissions/DataProtectionPermissionAttribute.xml index d049ac6045a..59090d49e0f 100644 --- a/xml/System.Security.Permissions/DataProtectionPermissionAttribute.xml +++ b/xml/System.Security.Permissions/DataProtectionPermissionAttribute.xml @@ -48,10 +48,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the value that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. is used only for declarative security. For imperative security, use the class. - ]]> @@ -122,16 +118,7 @@ Creates and returns a new . A that corresponds to the attribute. - - - + To be added. @@ -200,14 +187,7 @@ Gets or sets a value indicating whether data can be encrypted using the class. if data can be encrypted; otherwise, . - - occurs when the method is called. - - ]]> - + To be added. @@ -242,14 +222,7 @@ Gets or sets a value indicating whether memory can be encrypted using the class. if memory can be encrypted; otherwise, . - - occurs when the method is called. - - ]]> - + To be added. @@ -284,14 +257,7 @@ Gets or sets a value indicating whether data can be unencrypted using the class. if data can be unencrypted; otherwise, . - - occurs when the method is called. - - ]]> - + To be added. @@ -326,14 +292,7 @@ Gets or sets a value indicating whether memory can be unencrypted using the class. if memory can be unencrypted; otherwise, . - - occurs when the method is called. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/DataProtectionPermissionFlags.xml b/xml/System.Security.Permissions/DataProtectionPermissionFlags.xml index e4284849848..edd200eea74 100644 --- a/xml/System.Security.Permissions/DataProtectionPermissionFlags.xml +++ b/xml/System.Security.Permissions/DataProtectionPermissionFlags.xml @@ -41,17 +41,12 @@ Specifies the access permissions for encrypting data and memory. - and classes to protect access to encrypted data and memory using the and classes. - -> [!CAUTION] -> Many of these flags can have powerful effects and should be granted only to highly trusted code. - ]]> diff --git a/xml/System.Security.Permissions/EnvironmentPermission.xml b/xml/System.Security.Permissions/EnvironmentPermission.xml index f7c358f3830..5a43fea7f11 100644 --- a/xml/System.Security.Permissions/EnvironmentPermission.xml +++ b/xml/System.Security.Permissions/EnvironmentPermission.xml @@ -51,11 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Environment variable names are designated by one or more case-insensitive name lists separated by semicolons, with separate lists for read and write access to the named variables. Write access includes the ability to create and delete environment variables as well as to change existing values. - -> [!NOTE] -> In versions of .NET Framework before .NET Framework 4, you could use the method to prevent inadvertent access to system resources by trusted code. is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see [How to: Run Partially Trusted Code in a Sandbox](/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox). - ]]> @@ -105,14 +100,7 @@ One of the values. Initializes a new instance of the class with either restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -151,14 +139,7 @@ One of the values. A list of environment variables (semicolon-separated) to which access is granted. Initializes a new instance of the class with the specified access to the specified environment variables. - - values to be specified. This access applies to all listed environment variables. Use to define complex permissions. - - ]]> - + To be added. The parameter is . The parameter is not a valid value of . @@ -201,14 +182,7 @@ One of the values. A list of environment variables (semicolon-separated). Adds access for the specified environment variables to the existing state of the permission. - - - + To be added. The parameter is . The parameter is not a valid value of . @@ -247,14 +221,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -339,17 +306,7 @@ One of the values that represents a single type of environment variable access. Gets all environment variables with the specified . A list of environment variables (semicolon-separated) for the selected flag. - - [!NOTE] -> The `flag` parameter is limited to the values of , which represent single types of environment variable access. Those values are and . The values acceptable to `flag` do not include and , which do not represent single types of environment variable access. - - ]]> - + To be added. is not a valid value of . @@ -395,14 +352,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -444,14 +394,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -493,14 +436,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -541,14 +477,7 @@ One of the values. A list of environment variables (semicolon-separated). Sets the specified access to the specified environment variables to the existing state of the permission. - - - + To be added. The parameter is . The parameter is not a valid value of . @@ -627,14 +556,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the states represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/EnvironmentPermissionAccess.xml b/xml/System.Security.Permissions/EnvironmentPermissionAccess.xml index f4c2304f6eb..b0fe94428fd 100644 --- a/xml/System.Security.Permissions/EnvironmentPermissionAccess.xml +++ b/xml/System.Security.Permissions/EnvironmentPermissionAccess.xml @@ -50,11 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This enumeration is used by . - -> [!NOTE] -> Although `NoAccess` and `AllAccess` appear in `EnvironmentPermissionAccess`, they are not valid for use as the parameter for because they describe no environment variable access types or all environment variable access types, respectively, and expects a single environment variable access type. - ]]> diff --git a/xml/System.Security.Permissions/EnvironmentPermissionAttribute.xml b/xml/System.Security.Permissions/EnvironmentPermissionAttribute.xml index 42f7174128e..594a556e8e1 100644 --- a/xml/System.Security.Permissions/EnvironmentPermissionAttribute.xml +++ b/xml/System.Security.Permissions/EnvironmentPermissionAttribute.xml @@ -45,18 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - - Environment variable names are case-insensitive. Multiple environment variable names are specified by separating the names using . - ]]> @@ -134,14 +128,7 @@ Sets full access for the environment variables specified by the string value. A list of environment variables for full access. - - . - - ]]> - + To be added. The get method is not supported for this property. @@ -179,16 +166,7 @@ Creates and returns a new . An that corresponds to this attribute. - - - + To be added. @@ -224,14 +202,7 @@ Gets or sets read access for the environment variables specified by the string value. A list of environment variables for read access. - - . - - ]]> - + To be added. @@ -267,14 +238,7 @@ Gets or sets write access for the environment variables specified by the string value. A list of environment variables for write access. - - . - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/FileDialogPermission.xml b/xml/System.Security.Permissions/FileDialogPermission.xml index 649221d469c..867170c579f 100644 --- a/xml/System.Security.Permissions/FileDialogPermission.xml +++ b/xml/System.Security.Permissions/FileDialogPermission.xml @@ -51,8 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission is typically used to provide limited access to user-specified files when is not granted. - ]]> @@ -139,14 +137,7 @@ One of the values ( or ). Initializes a new instance of the class with either restricted or unrestricted permission, as specified. - - - + To be added. The parameter is not a valid value of . @@ -221,14 +212,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -313,14 +297,7 @@ A permission to intersect with the current permission. It must be the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -362,14 +339,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - access is a subset of a permission for access. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -411,14 +381,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -495,14 +458,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/FileDialogPermissionAttribute.xml b/xml/System.Security.Permissions/FileDialogPermissionAttribute.xml index 3b442638b94..dc5cd4509c1 100644 --- a/xml/System.Security.Permissions/FileDialogPermissionAttribute.xml +++ b/xml/System.Security.Permissions/FileDialogPermissionAttribute.xml @@ -51,10 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -132,16 +128,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. diff --git a/xml/System.Security.Permissions/FileIOPermission.xml b/xml/System.Security.Permissions/FileIOPermission.xml index 0be0e5fc607..961ba3a557d 100644 --- a/xml/System.Security.Permissions/FileIOPermission.xml +++ b/xml/System.Security.Permissions/FileIOPermission.xml @@ -51,30 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission distinguishes between the following four types of file IO access provided by : - -- `Read`: Read access to the contents of the file or access to information about the file, such as its length or last modification time. - -- `Write`: Write access to the contents of the file or access to change information about the file, such as its name. Also allows for deletion and overwriting. - -- `Append`: Ability to write to the end of a file only. No ability to read. - -- `PathDiscovery`: Access to the information in the path itself. This helps protect sensitive information in the path, such as user names, as well as information about the directory structure that is revealed in the path. This value does not grant access to files or folders represented by the path. - -> [!NOTE] -> Giving access to an assembly is similar to granting it full trust. If an application should not write to the file system, it should not have access. - - All these permissions are independent, meaning that rights to one do not imply rights to another. For example, `Write` permission does not imply permission to `Read` or `Append`. If more than one permission is desired, they can be combined using a bitwise OR as shown in the code example that follows. File permission is defined in terms of canonical absolute paths; calls should always be made with canonical file paths. - - describes protected operations on files and folders. The class helps provide secure access to files and folders. The security access check is performed when the handle to the file is created. By doing the check at creation time, the performance impact of the security check is minimized. Opening a file happens once, while reading and writing can happen multiple times. Once the file is opened, no further checks are done. If the object is passed to an untrusted caller, it can be misused. For example, file handles should not be stored in public global statics where code with less permission can access them. - - specifies actions that can be performed on the file or folder. In addition, these actions can be combined using a bitwise OR to form complex instances. - - Access to a folder implies access to all the files it contains, as well as access to all the files and folders in its subfolders. For example, `Read` access to C:\folder1\ implies `Read` access to C:\folder1\file1.txt, C:\folder1\folder2\\, C:\folder1\folder2\file2.txt, and so on. - -> [!NOTE] -> In versions of the .NET Framework before the .NET Framework 4, you could use the method to prevent inadvertent access to system resources by trusted code. is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see [How to: Run Partially Trusted Code in a Sandbox](/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox). - ]]> @@ -124,14 +100,7 @@ One of the enumeration values. Initializes a new instance of the class with fully restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -170,14 +139,7 @@ A bitwise combination of the enumeration values. The absolute path of the file or directory. Initializes a new instance of the class with the specified access to the designated file or directory. - - values to be specified for the specified file or directory. Use the method to define complex permissions. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -224,14 +186,7 @@ A bitwise combination of the enumeration values. An array containing the absolute paths of the files and directories. Initializes a new instance of the class with the specified access to the designated files and directories. - - value to be specified for the specified files and directories. Use the method to define complex permissions. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -275,19 +230,7 @@ A bitwise combination of the enumeration values. The absolute path of the file or directory. Initializes a new instance of the class with the specified access to the designated file or directory and the specified access rights to file control information. - - value to be specified for the specified file or directories. Use the method to define complex permissions. - - The `control` parameter specifies whether the access control list (ACL) for the file or directory specified by `path` can be changed, viewed, or cannot be accessed. - -> [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the given file and its properties. The ability to change or view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -335,19 +278,7 @@ A bitwise combination of the enumeration values. An array containing the absolute paths of the files and directories. Initializes a new instance of the class with the specified access to the designated files and directories and the specified access rights to file control information. - - value to be specified for the specified files and directories. Use the method to define complex permissions. - - The `control` parameter specifies whether the access control list (ACL) for the file or directory specified by `path` can be changed, viewed, or cannot be accessed. - -> [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the given file and its properties. The ability to change or view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -403,14 +334,7 @@ A bitwise combination of the values. The absolute path of a file or directory. Adds access for the specified file or directory to the existing state of the permission. - - - + To be added. The parameter is not a valid value of . -or- @@ -462,14 +386,7 @@ A bitwise combination of the values. An array containing the absolute paths of the files and directories. Adds access for the specified files and directories to the existing state of the permission. - - - + To be added. The parameter is not a valid value of . -or- @@ -512,16 +429,7 @@ Gets or sets the permitted access to all files. The set of file I/O flags for all files. - - value can be checked for using a bitwise AND operation. - - ]]> - + To be added. @@ -557,16 +465,7 @@ Gets or sets the permitted access to all local files. The set of file I/O flags for all local files. - - value can be checked for using a bitwise AND operation. - - ]]> - + To be added. @@ -603,14 +502,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -650,14 +542,7 @@ Determines whether the specified object is equal to the current . if the specified is equal to the current object; otherwise, . - - . - - ]]> - + To be added. @@ -738,14 +623,7 @@ Gets a hash code for the object that is suitable for use in hashing algorithms and data structures such as a hash table. A hash code for the current object. - - objects. - - ]]> - + To be added. @@ -785,17 +663,7 @@ One of the values that represents a single type of file access. Gets all files and directories with the specified . An array containing the paths of the files and directories to which access specified by the parameter is granted. - - [!NOTE] -> The `access` parameter is limited to the values of , which represent single types of file access. Those values are , , , and . The values acceptable to `access` do not include and , which do not represent single types of file access. - - ]]> - + To be added. is not a valid value of . @@ -841,14 +709,7 @@ A permission to intersect with the current permission. It must be the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -890,14 +751,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -939,14 +793,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -1129,14 +976,7 @@ A permission to combine with the current permission. It must be the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/FileIOPermissionAccess.xml b/xml/System.Security.Permissions/FileIOPermissionAccess.xml index b6ac3f2da53..229cfd9fb33 100644 --- a/xml/System.Security.Permissions/FileIOPermissionAccess.xml +++ b/xml/System.Security.Permissions/FileIOPermissionAccess.xml @@ -50,13 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -This enumeration is used with the class. - -> [!NOTE] -> Giving `Write` access to an assembly is similar to granting it Full Trust. If an application should not write to the file system, it should not have Write access. - -Although `NoAccess` and `AllAccess` are members of `FileIOPermissionAccess`, they are not valid for use as the parameter for because they describe no file access types or all file access types, respectively. expects a single file access type. - ]]> diff --git a/xml/System.Security.Permissions/FileIOPermissionAttribute.xml b/xml/System.Security.Permissions/FileIOPermissionAttribute.xml index f458a1dc5a7..48d13560ff3 100644 --- a/xml/System.Security.Permissions/FileIOPermissionAttribute.xml +++ b/xml/System.Security.Permissions/FileIOPermissionAttribute.xml @@ -51,15 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Files and directories are specified using absolute paths. When accessing files, a security check is performed when the file is created or opened. The security check is not done again unless the file is closed and reopened. Checking permissions when the file is first accessed minimizes the impact of the security check on application performance because opening a file happens only once, while reading and writing can happen multiple times. - - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - -> [!CAUTION] -> `Unrestricted` grants permission for all paths within a file system, including multiple pathnames that can be used to access a single given file. To access to a file, you must `Deny` all possible paths to the file. For example, if \\\server\share is mapped to the network drive X, to `Deny` access to \\\server\share\file, you must `Deny` \\\server\share\file, X:\file and any other path that you can use to access the file. - ]]> @@ -143,14 +134,7 @@ Gets or sets full access for the file or directory that is specified by the string value. The absolute path of the file or directory for full access. - - - + To be added. The get method is not supported for this property. @@ -186,16 +170,7 @@ Gets or sets the permitted access to all files. A bitwise combination of the values that represents the permissions for all files. The default is . - - value can be determined by using a bitwise `AND` operation. - - ]]> - + To be added. @@ -230,16 +205,7 @@ Gets or sets the permitted access to all local files. A bitwise combination of the values that represents the permissions for all local files. The default is . - - value can be determined by using a bitwise `AND` operation. - - ]]> - + To be added. @@ -275,14 +241,7 @@ Gets or sets append access for the file or directory that is specified by the string value. The absolute path of the file or directory for append access. - - - + To be added. @@ -317,17 +276,7 @@ Gets or sets the file or directory in which access control information can be changed. The absolute path of the file or directory in which access control information can be changed. - - attributes to specify additional files and directories. - -> [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the given file and its properties. The ability to change an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. @@ -364,16 +313,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. The path information for a file or directory for which access is to be secured contains invalid characters or wildcard specifiers. @@ -410,19 +350,7 @@ Gets or sets the file or directory to which to grant path discovery. The absolute path of the file or directory. - - [!NOTE] -> For performance reasons, should be granted only to directories, not to files. For example, permission should be granted to paths such as C:\test and C:\test\\, not to files such as C:\test\example.txt. - - This property sets access for a single file or directory. Use additional attributes to specify additional files and directories. - - ]]> - + To be added. @@ -458,14 +386,7 @@ Gets or sets read access for the file or directory specified by the string value. The absolute path of the file or directory for read access. - - - + To be added. @@ -500,17 +421,7 @@ Gets or sets the file or directory in which access control information can be viewed. The absolute path of the file or directory in which access control information can be viewed. - - attributes to specify additional files and directories. - -> [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the given file and its properties. The ability to view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. @@ -545,17 +456,7 @@ Gets or sets the file or directory in which file data can be viewed and modified. The absolute path of the file or directory in which file data can be viewed and modified. - - , , , and properties for a single file or directory. Use additional attributes to specify additional files and directories. The access rights are for file data only; they do not include the access control properties and . - -> [!NOTE] -> The `get` accessor is provided for C# compiler compatibility. The C# compiler requires attribute properties to be read/write. - - ]]> - + To be added. The accessor is called. The accessor is provided only for C# compiler compatibility. @@ -592,14 +493,7 @@ Gets or sets write access for the file or directory specified by the string value. The absolute path of the file or directory for write access. - - - + To be added. diff --git a/xml/System.Security.Permissions/GacIdentityPermission.xml b/xml/System.Security.Permissions/GacIdentityPermission.xml index 7cc0b493e31..80b5aa8bca1 100644 --- a/xml/System.Security.Permissions/GacIdentityPermission.xml +++ b/xml/System.Security.Permissions/GacIdentityPermission.xml @@ -46,13 +46,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Files are either in the global assembly cache, or they are not. There are no variations to the permission granted, so all objects are equal. - -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions are not used. -> -> In .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - ]]> @@ -95,14 +88,7 @@ Initializes a new instance of the class. - - with a value of . - - ]]> - + To be added. @@ -137,16 +123,7 @@ One of the values. Initializes a new instance of the class with fully restricted . - - [!NOTE] -> Starting with .NET Framework version 2.0, identity permissions can have any permission state value. This means that identity permissions have the same behavior as permissions that implement the interface. - - ]]> - + To be added. is not a valid value. @@ -184,14 +161,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -229,14 +199,7 @@ A that contains the XML encoding to use to create the permission. Creates a permission from an XML encoding. - - method creates a from an XML encoding defined by a object. Use the method to XML-encode the , including state information. - - ]]> - + To be added. is . @@ -283,16 +246,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. The new permission is if the intersection is empty. - - only supports set operations (the , , and methods) when the current permission is equal to the specified permission. - - ]]> - + To be added. is not and is not of the same type as the current permission. @@ -334,16 +288,7 @@ Indicates whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - only supports set operations (the , , and methods) when the current permission is equal to the specified permission. - - ]]> - + To be added. is not and is not of the same type as the current permission. @@ -381,14 +326,7 @@ Creates an XML encoding of the permission and its current state. A that represents the XML encoding of the permission, including any state information. - - method to create a from a . - - ]]> - + To be added. @@ -427,16 +365,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - method is a permission that includes all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - A only supports set operations (the , , and methods) when the current permission is equal to the specified permission. - - ]]> - + To be added. is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/GacIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/GacIdentityPermissionAttribute.xml index 2ee66d59008..78ad4c22501 100644 --- a/xml/System.Security.Permissions/GacIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/GacIdentityPermissionAttribute.xml @@ -50,19 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This class is used to ensure that callers are registered in the global assembly cache (GAC). - - The scope of the declaration that is allowed depends on the value that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class, . - -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions aren't used. -> -> Demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - For more information about using attributes, see [Attributes](/dotnet/standard/attributes/). - ]]> @@ -99,18 +86,7 @@ One of the values. Initializes a new instance of the class with the specified value. - - value. - - This constructor associates a (for example, `Demand`) with the . - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. Use for imperative security. - - ]]> - + To be added. The parameter is not a valid value. @@ -147,16 +123,7 @@ Creates a new object. A that corresponds to this attribute. - - - + To be added. diff --git a/xml/System.Security.Permissions/HostProtectionAttribute.xml b/xml/System.Security.Permissions/HostProtectionAttribute.xml index dd748b9cd73..9d438ce95fa 100644 --- a/xml/System.Security.Permissions/HostProtectionAttribute.xml +++ b/xml/System.Security.Permissions/HostProtectionAttribute.xml @@ -50,25 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This attribute affects only unmanaged applications that host the common language runtime and implement host protection, such as SQL Server. If the code is run in a client application or on a server that is not host-protected, the attribute "evaporates"; it is not detected and therefore not applied. When applied, the security action results in the creation of a link demand based on the host resources the class or method exposes. - -> [!IMPORTANT] -> The purpose of this attribute is to enforce host-specific programming model guidelines, not security behavior. Although a link demand is used to check for conformance to programming model requirements, the is not a security permission. - - If the host does not have programming model requirements, the link demands do not occur. - - This attribute identifies the following: - -- Methods or classes that do not fit the host programming model, but are otherwise benign. -- Methods or classes that do not fit the host programming model and could lead to destabilizing server-managed user code. -- Methods or classes that do not fit the host programming model and could lead to a destabilization of the server process itself. - -> [!NOTE] -> If you are creating a class library that is to be called by applications that may execute in a host protected environment, you should apply this attribute to members that expose resource categories. The .NET Framework class library members with this attribute cause only the immediate caller to be checked. Your library member must also cause a check of its immediate caller in the same manner. - -> [!NOTE] -> Do not use the [Ngen.exe (Native Image Generator)](/dotnet/framework/tools/ngen-exe-native-image-generator) to create a native image of assemblies that are protected by the . In a full-trust environment, the image is always loaded, without regard to the , and in a partial-trust environment the image is not loaded. - ]]> Extending Metadata Using Attributes @@ -112,14 +93,7 @@ Initializes a new instance of the class with default values. - - with all Boolean properties set to `false`. - - ]]> - + To be added. @@ -154,14 +128,7 @@ One of the values. Initializes a new instance of the class with the specified value. - - - + To be added. is not . @@ -199,16 +166,7 @@ Creates and returns a new host protection permission. An that corresponds to the current attribute. - - - + To be added. @@ -244,14 +202,7 @@ Gets or sets a value indicating whether external process management is exposed. if external process management is exposed; otherwise, . The default is . - - - + To be added. @@ -288,14 +239,7 @@ Gets or sets a value indicating whether external threading is exposed. if external threading is exposed; otherwise, . The default is . - - - + To be added. @@ -332,14 +276,7 @@ Gets or sets a value indicating whether resources might leak memory if the operation is terminated. if resources might leak memory on termination; otherwise, . - - - + To be added. @@ -375,14 +312,7 @@ Gets or sets flags specifying categories of functionality that are potentially harmful to the host. A bitwise combination of the values. The default is . - - flags specify the resources exposed by the method or class that are potentially harmful to the host. - - ]]> - + To be added. @@ -419,14 +349,7 @@ Gets or sets a value indicating whether the security infrastructure is exposed. if the security infrastructure is exposed; otherwise, . The default is . - - object to impersonate a user is an example of exposing the security infrastructure. - - ]]> - + To be added. @@ -463,14 +386,7 @@ Gets or sets a value indicating whether self-affecting process management is exposed. if self-affecting process management is exposed; otherwise, . The default is . - - - + To be added. @@ -507,14 +423,7 @@ Gets or sets a value indicating whether self-affecting threading is exposed. if self-affecting threading is exposed; otherwise, . The default is . - - - + To be added. @@ -551,14 +460,7 @@ Gets or sets a value indicating whether shared state is exposed. if shared state is exposed; otherwise, . The default is . - - is `true`, it indicates that a state is exposed that might be shared between threads. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/HostProtectionResource.xml b/xml/System.Security.Permissions/HostProtectionResource.xml index da248ee3782..a404d54eb00 100644 --- a/xml/System.Security.Permissions/HostProtectionResource.xml +++ b/xml/System.Security.Permissions/HostProtectionResource.xml @@ -53,8 +53,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This enumeration is used by the attribute. - ]]> diff --git a/xml/System.Security.Permissions/IUnrestrictedPermission.xml b/xml/System.Security.Permissions/IUnrestrictedPermission.xml index 5be2aa5a516..af9b5b2209f 100644 --- a/xml/System.Security.Permissions/IUnrestrictedPermission.xml +++ b/xml/System.Security.Permissions/IUnrestrictedPermission.xml @@ -45,8 +45,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - All code access permissions should implement . - ]]> diff --git a/xml/System.Security.Permissions/IsolatedStorageContainment.xml b/xml/System.Security.Permissions/IsolatedStorageContainment.xml index 3aeb1646446..0a89ae7a49f 100644 --- a/xml/System.Security.Permissions/IsolatedStorageContainment.xml +++ b/xml/System.Security.Permissions/IsolatedStorageContainment.xml @@ -46,28 +46,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Isolated storage uses evidence to determine a unique storage area for use by an application or component. The identity of an assembly uniquely determines the root of a virtual file system for use by that assembly. Thus, rather than many applications and components sharing a common resource such as the file system or registry, each has its own file area inherently assigned to it. - - Four basic isolation scopes are used when assigning isolated storage: - -- `User` - Code is always scoped according to the current user. The same assembly will receive different stores when being run by different users. - -- `Machine` - Code is always scoped according to the machine. The same assembly will receive the same stores when being run by different users on the same machine. - -- `Assembly` - Code is identified cryptographically by strong name (for example, Microsoft.Office.\* or Microsoft.Office.Word), by publisher (based on public key), by URL (for example, `http://www.fourthcoffee.com/process/grind.htm`), by site, or by zone. - -- `Domain` - Code is identified based on evidence associated with the application domain. Web application identity is derived from the site's URL, or by the Web page's URL, site, or zone. Local code identity is based on the application directory path. - - For definitions of URL, site, and zone, see , , and . - - These identities are grouped together, in which case the identities are applied one after another until the desired isolated storage is created. The valid groupings are User+Assembly and User+Assembly+Domain. This grouping of identities is useful in many different applications. - - If data is stored by domain, user, and assembly, the data is private in that only code in that assembly can access the data. The data store is also isolated by the application in which it runs, so that the assembly does not represent a potential leak by exposing data to other applications. - - Isolation by assembly and user could be used for user data that applies across multiple applications; for example, license information, or a user's personal information (name, authentication credentials, and so on) that is independent of an application. - - exposes flags that determine whether an application is allowed to use isolated storage and, if so, which identity combinations are allowed to use it. It also determines whether an application is allowed to store information in a location that can roam with a user (Windows Roaming User Profiles or Folder Redirection must be configured). - ]]> diff --git a/xml/System.Security.Permissions/IsolatedStorageFilePermission.xml b/xml/System.Security.Permissions/IsolatedStorageFilePermission.xml index 5f58b364ed7..f08f55996b3 100644 --- a/xml/System.Security.Permissions/IsolatedStorageFilePermission.xml +++ b/xml/System.Security.Permissions/IsolatedStorageFilePermission.xml @@ -47,13 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The common language runtime (CLR) uses this class to control access to isolated storage. - - Isolated storage creates a unique storage area for use by an application or component. It provides true isolation in that the identity of an application uniquely determines the root of a virtual file system, which only that application can access. Thus, each application has its own file area automatically assigned to it. This file area is fully isolated from other applications, making it private to that application. - -> [!NOTE] -> There is no effect if you use , , or to add stack modifiers for usage or quota. Usage and quota are determined from evidence and a stack walk is not performed for demands, making the above operations ineffective. - ]]> @@ -95,14 +88,7 @@ One of the values. Initializes a new instance of the class with either fully restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -140,14 +126,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -187,14 +166,7 @@ A permission to intersect with the current permission object. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -236,14 +208,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -280,14 +245,7 @@ Creates an XML encoding of the permission and its current state. An XML encoding of the permission, including any state information. - - method enables the to be XML-encoded for security purposes. - - ]]> - + To be added. @@ -327,14 +285,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/IsolatedStorageFilePermissionAttribute.xml b/xml/System.Security.Permissions/IsolatedStorageFilePermissionAttribute.xml index 1a4472b7485..d8043baef99 100644 --- a/xml/System.Security.Permissions/IsolatedStorageFilePermissionAttribute.xml +++ b/xml/System.Security.Permissions/IsolatedStorageFilePermissionAttribute.xml @@ -45,16 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -134,16 +130,7 @@ Creates and returns a new . An that corresponds to this attribute. - - - + To be added. diff --git a/xml/System.Security.Permissions/IsolatedStoragePermission.xml b/xml/System.Security.Permissions/IsolatedStoragePermission.xml index 27f73421a79..8f2cb76dd47 100644 --- a/xml/System.Security.Permissions/IsolatedStoragePermission.xml +++ b/xml/System.Security.Permissions/IsolatedStoragePermission.xml @@ -45,14 +45,12 @@ Represents access to generic isolated storage capabilities. - @@ -94,14 +92,7 @@ One of the values. Initializes a new instance of the class with either restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -143,10 +134,10 @@ Reconstructs a permission with a specified state from an XML encoding. To be added. The parameter is . - The parameter is not a valid permission element. - - -or- - + The parameter is not a valid permission element. + + -or- + The parameter's version number is not valid. @@ -188,14 +179,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. diff --git a/xml/System.Security.Permissions/IsolatedStoragePermissionAttribute.xml b/xml/System.Security.Permissions/IsolatedStoragePermissionAttribute.xml index d33db19a21e..fe3472c89cd 100644 --- a/xml/System.Security.Permissions/IsolatedStoragePermissionAttribute.xml +++ b/xml/System.Security.Permissions/IsolatedStoragePermissionAttribute.xml @@ -41,18 +41,12 @@ Allows security actions for to be applied to code using declarative security. - that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -95,14 +89,7 @@ One of the values. Initializes a new instance of the class with the specified . - - - + To be added. diff --git a/xml/System.Security.Permissions/KeyContainerPermission.xml b/xml/System.Security.Permissions/KeyContainerPermission.xml index 8205754e521..9e19f69747a 100644 --- a/xml/System.Security.Permissions/KeyContainerPermission.xml +++ b/xml/System.Security.Permissions/KeyContainerPermission.xml @@ -50,8 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission is used to provide limited access to key containers. - ]]> @@ -137,14 +135,7 @@ One of the values. Initializes a new instance of the class with either restricted or unrestricted permission. - - - + To be added. is not a valid value. @@ -222,14 +213,7 @@ Gets the collection of objects associated with the current permission. A containing the objects for this . - - object in the collection specifies the access rights for a specific key container. - - ]]> - + To be added. @@ -265,14 +249,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -307,14 +284,7 @@ Gets the key container permission flags that apply to all key containers associated with the permission. A bitwise combination of the values. - - property is set by the constructor. - - ]]> - + To be added. @@ -352,14 +322,7 @@ A that contains the XML encoding used to reconstruct the permission. Reconstructs a permission with a specified state from an XML encoding. - - method reconstructs a object from an XML encoding defined by the class. Use the method to XML-encode the , including state information. - - ]]> - + To be added. is . @@ -406,14 +369,7 @@ A permission to intersect with the current permission. It must be the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. is not and does not specify a permission of the same type as the current permission. @@ -455,14 +411,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - access is a subset of a permission for access. - - ]]> - + To be added. is not and does not specify a permission of the same type as the current permission. @@ -504,14 +453,7 @@ Determines whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -547,14 +489,7 @@ Creates an XML encoding of the permission and its current state. A that contains an XML encoding of the permission, including state information. - - method to restore the state information from a . - - ]]> - + To be added. @@ -593,14 +528,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. is not and does not specify a permission of the same type as the current permission. diff --git a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntry.xml b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntry.xml index dcfdd70b426..d963d42601a 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntry.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntry.xml @@ -46,8 +46,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission is intended to enable users to easily manage key containers when either a small number of keys is involved, or access is to be granted to only some keys. - ]]> @@ -96,14 +94,7 @@ A object that contains the cryptographic service provider (CSP) parameters. A bitwise combination of the values. Initializes a new instance of the class, using the specified cryptographic service provider (CSP) parameters and access permissions. - - object. - - ]]> - + To be added. The resulting entry would have unrestricted access. @@ -141,14 +132,7 @@ The name of the key container. A bitwise combination of the values. Initializes a new instance of the class, using the specified key container name and access permissions. - - - + To be added. The resulting entry would have unrestricted access. @@ -194,14 +178,7 @@ The key specification. See the property for values. A bitwise combination of the values. Initializes a new instance of the class with the specified property values. - - - + To be added. The resulting entry would have unrestricted access. @@ -242,14 +219,7 @@ Determines whether the specified object is equal to the current instance. if the specified is equal to the current object; otherwise, . - - method compares the properties of the two objects to determine if they are equal. - - ]]> - + To be added. @@ -284,18 +254,7 @@ Gets or sets the key container permissions. A bitwise combination of the values. The default is . - - [!CAUTION] -> Many of these flags are powerful and permit access to key containers that should only be granted to highly trusted code. - - The most powerful of the flags are , , , , , , and . For specific threats posed by the use of these flags, see individual flag descriptions. - - ]]> - + To be added. @@ -331,14 +290,7 @@ Gets a hash code for the current instance that is suitable for use in hashing algorithms and data structures such as a hash table. A hash code for the current object. - - , suitable for use in hashing algorithms and data structures such as a hash table. - - ]]> - + To be added. @@ -373,14 +325,7 @@ Gets or sets the key container name. The name of the key container. - - - + To be added. The resulting entry would have unrestricted access. @@ -416,14 +361,7 @@ Gets or sets the key specification. One of the AT_ values defined in the Wincrypt.h header file. - - - + To be added. The resulting entry would have unrestricted access. @@ -459,14 +397,7 @@ Gets or sets the name of the key store. The name of the key store. - - - + To be added. The resulting entry would have unrestricted access. @@ -502,14 +433,7 @@ Gets or sets the provider name. The name of the provider. - - - + To be added. The resulting entry would have unrestricted access. @@ -545,52 +469,7 @@ Gets or sets the provider type. One of the PROV_ values defined in the Wincrypt.h header file. - - - + To be added. The resulting entry would have unrestricted access. diff --git a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryCollection.xml b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryCollection.xml index 2a6a9667c1e..fedc906b33f 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryCollection.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryCollection.xml @@ -53,8 +53,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - objects specify access rights for specific key containers. - ]]> @@ -124,14 +122,7 @@ The object to add. Adds a object to the collection. The index at which the new element was inserted. - - object is added to the end of the collection. - - ]]> - + To be added. is . @@ -168,14 +159,7 @@ Removes all the objects from the collection. - - . - - ]]> - + To be added. @@ -304,14 +288,7 @@ Gets the number of items in the collection. The number of objects in the collection. - - property to determine the number of objects in the collection. The property is commonly used when iterating through the collection to determine the upper bound of the collection. - - ]]> - + To be added. @@ -350,23 +327,7 @@ Returns a object that can be used to iterate through the objects in the collection. A object that can be used to iterate through the collection. - - object that can be used to iterate through the collection to get each item. - - Use the property of the enumerator to get the item currently pointed to in the collection. - - Use the method of the enumerator to move to the next item in the collection. - - Use the method of the enumerator to move to the initial position. - -> [!NOTE] -> After you create a object or use the method to move the enumerator to the first item in the collection, you must call the method. Otherwise, the item represented by the property is undefined. - - ]]> - + To be added. @@ -406,14 +367,7 @@ The object to locate. Gets the index in the collection of the specified object, if it exists in the collection. The index of the specified object in the collection, or -1 if no match is found. - - object in the collection. If the specified object is not found, an value of -1 is returned. - - ]]> - + To be added. @@ -452,14 +406,7 @@ Gets a value indicating whether the collection is synchronized (thread safe). in all cases. - - property and always returns `false`. - - ]]> - + To be added. @@ -500,14 +447,7 @@ The zero-based index of the element to access. Gets the item at the specified index in the collection. The object at the specified index in the collection. - - object from the at the specified index, using array notation. - - ]]> - + To be added. is greater than or equal to the collection count. @@ -550,14 +490,7 @@ The object to remove. Removes the specified object from the collection. - - method. - - ]]> - + To be added. is . @@ -597,16 +530,7 @@ Gets an object that can be used to synchronize access to the collection. An object that can be used to synchronize access to the collection. - - object itself. - - For more information on the property, see the property of the interface. - - ]]> - + To be added. @@ -647,15 +571,7 @@ Returns a object that can be used to iterate through the objects in the collection. A object that can be used to iterate through the collection. - - instance is cast to an interface. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryEnumerator.xml b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryEnumerator.xml index 09e1c999282..1af43c73ddd 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryEnumerator.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionAccessEntryEnumerator.xml @@ -50,18 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Enumerators allow only reading the data in the collection. Enumerators cannot be used to modify the underlying collection. - - Initially, the enumerator is positioned before the first element in the collection. The method also brings the enumerator back to this position. At this position, calling the property throws an exception. Therefore, you must call the method to advance the enumerator to the first element of the collection before reading the value of the property. - - returns the same object until either or is called. sets to the next element. - - After the end of the collection is passed, the enumerator is positioned after the last element in the collection, and calling returns `false`. If the last call to returned `false`, calling throws an exception. To reset to the first element of the collection, call followed by a call to . - - An enumerator remains valid as long as the collection remains unchanged. If changes are made to the collection, such as adding, modifying, or deleting elements, the enumerator is irrecoverably invalidated and the next call to or throws an . If the collection is modified between calling and , returns the element to which it is currently set, even if the enumerator is already invalidated. - - The enumerator does not have exclusive access to the collection; therefore, enumerating through a collection is intrinsically not a thread-safe procedure. Even when a collection is synchronized, other threads can still modify the collection, which causes the enumerator to throw an exception. To guarantee thread safety during enumeration, you can either lock the collection during the entire enumeration or catch the exceptions resulting from changes made by other threads. - ]]> @@ -126,16 +114,7 @@ Gets the current entry in the collection. The current object in the collection. - - property is not valid and will throw an exception if it is accessed. You must first call the method to position the cursor at the first object in the collection. - - Getting the property multiple times with no intervening calls to will return the same object each time. - - ]]> - + To be added. The property is accessed before first calling the method. The cursor is located before the first object in the collection. -or- @@ -180,18 +159,7 @@ Moves to the next element in the collection. if the enumerator was successfully advanced to the next element; if the enumerator has passed the end of the collection. - - method returns `false` immediately if there are no objects in the collection. - - returns `true` until it has reached the end of the collection. It then returns `false` for each successive call. However, once has returned `false`, accessing the property throws an exception. - - Upon creation, an enumerator is positioned before the first object in the collection, and the first call to positions the enumerator to the first object in the collection. - - ]]> - + To be added. @@ -229,16 +197,7 @@ Resets the enumerator to the beginning of the collection. - - method positions the cursor at the first object in the collection. After calling , you do not need to call to move the cursor forward to the first object. - - ]]> - + To be added. @@ -276,14 +235,7 @@ Gets the current object in the collection. The current object in the collection. - - property instead. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml b/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml index 9a7d17b1d26..5be6d5a26ac 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml @@ -44,16 +44,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - value that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. is used only for declarative security. For imperative security, use the class. - ]]> @@ -129,16 +125,7 @@ Creates and returns a new . A that corresponds to the attribute. - - - + To be added. @@ -173,18 +160,7 @@ Gets or sets the key container permissions. A bitwise combination of the values. The default is . - - [!CAUTION] -> Many of these flags are powerful and permit access to key containers that should be granted only to highly trusted code. - - The most powerful of the flags are , , , , , , and . For specific threats posed by the use of these flags, see individual flag descriptions. - - ]]> - + To be added. @@ -219,12 +195,15 @@ Gets or sets the name of the key container. The name of the key container. - - To be added. + + + + + + + + ]]> @@ -261,14 +240,7 @@ Gets or sets the key specification. One of the AT_ values defined in the Wincrypt.h header file. - - - + To be added. @@ -303,14 +275,7 @@ Gets or sets the name of the key store. The name of the key store. The default is "*". - - - + To be added. @@ -345,14 +310,7 @@ Gets or sets the provider name. The name of the provider. - - - + To be added. @@ -387,52 +345,7 @@ Gets or sets the provider type. One of the PROV_ values defined in the Wincrypt.h header file. - - - + To be added. diff --git a/xml/System.Security.Permissions/KeyContainerPermissionFlags.xml b/xml/System.Security.Permissions/KeyContainerPermissionFlags.xml index 390dee1fc87..be7aa34fb22 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionFlags.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionFlags.xml @@ -45,13 +45,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This enumeration is used by members of the class. - -> [!CAUTION] -> Many of these flags can have powerful effects and should be granted only to highly trusted code. -> -> The most powerful flags are `Create`, `Delete`, `Import`, `Export`, `Sign`, `Decrypt`, and `AllFlags`. For specific threats that the use of these flags can present, see the member descriptions. - ]]> diff --git a/xml/System.Security.Permissions/MediaPermission.xml b/xml/System.Security.Permissions/MediaPermission.xml index feb6298e758..cfe0228bc78 100644 --- a/xml/System.Security.Permissions/MediaPermission.xml +++ b/xml/System.Security.Permissions/MediaPermission.xml @@ -57,8 +57,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission uses the values of the , , and enumerations. - ]]> @@ -133,14 +131,7 @@ An enumerated value of . Initializes a new instance of the class by specifying the audio permission level. - - and . - - ]]> - + To be added. @@ -174,14 +165,7 @@ An enumerated value of . Initializes a new instance of the class by specifying the image permission level. - - and . - - ]]> - + To be added. @@ -215,14 +199,7 @@ An enumerated value of . Initializes a new instance of the class by specifying the video permission level. - - and . - - ]]> - + To be added. @@ -256,14 +233,7 @@ An enumerated value of . Initializes a new instance of the class by specifying a permission state. - - , all media types are granted full permission to play or display with no restrictions. If `state` is set to , all media types are restricted from playing or displaying. - - ]]> - + To be added. @@ -370,14 +340,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -525,16 +488,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. @@ -573,14 +527,7 @@ Returns a value indicating whether the current permission is unrestricted. if the audio, image, and video permissions are all unrestricted; otherwise, . - - , , and . - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/MediaPermissionAttribute.xml b/xml/System.Security.Permissions/MediaPermissionAttribute.xml index ca7f845e52a..27258282cf5 100644 --- a/xml/System.Security.Permissions/MediaPermissionAttribute.xml +++ b/xml/System.Security.Permissions/MediaPermissionAttribute.xml @@ -57,10 +57,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - controls the ability for audio, image, and video media to work in a partial-trust Windows Presentation Foundation (WPF) application. The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class, . - ]]> Extending Metadata Using Attributes @@ -97,14 +93,7 @@ One of the values. Initializes a new instance of . - - , , and . - - ]]> - + To be added. @@ -138,14 +127,7 @@ Gets or sets the audio permission level for the . The state of the . - - . - - ]]> - + To be added. @@ -180,16 +162,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -223,14 +196,7 @@ Gets or sets the image permission level for the . The state of the . - - . - - ]]> - + To be added. @@ -264,14 +230,7 @@ Gets or sets the video permission level for the . The state of the . - - . - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/MediaPermissionAudio.xml b/xml/System.Security.Permissions/MediaPermissionAudio.xml index 19d5e18afcb..bbaf09b8879 100644 --- a/xml/System.Security.Permissions/MediaPermissionAudio.xml +++ b/xml/System.Security.Permissions/MediaPermissionAudio.xml @@ -52,8 +52,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Use this enumeration to set the property of the class. The default is SafeAudio. - ]]> diff --git a/xml/System.Security.Permissions/MediaPermissionImage.xml b/xml/System.Security.Permissions/MediaPermissionImage.xml index 93a3d36b394..40451837cba 100644 --- a/xml/System.Security.Permissions/MediaPermissionImage.xml +++ b/xml/System.Security.Permissions/MediaPermissionImage.xml @@ -52,8 +52,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Use this enumeration to set the property of the class. The default is SafeImage. - ]]> diff --git a/xml/System.Security.Permissions/MediaPermissionVideo.xml b/xml/System.Security.Permissions/MediaPermissionVideo.xml index ade8c15a3b8..7a1fdf9e1d5 100644 --- a/xml/System.Security.Permissions/MediaPermissionVideo.xml +++ b/xml/System.Security.Permissions/MediaPermissionVideo.xml @@ -52,8 +52,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Use this enumeration to set the property of the class. The default is SafeVideo. - ]]> diff --git a/xml/System.Security.Permissions/PermissionSetAttribute.xml b/xml/System.Security.Permissions/PermissionSetAttribute.xml index cc43bf316ea..987a0d4745a 100644 --- a/xml/System.Security.Permissions/PermissionSetAttribute.xml +++ b/xml/System.Security.Permissions/PermissionSetAttribute.xml @@ -51,12 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The properties , , and are mutually exclusive, meaning that a permission set can have as its source only one of the following: a named permission set, a file containing an XML representation of a permission set, or a string containing an XML representation of a permission set. - - The scope of the declaration that is allowed depends on the that is used. A performed on a is the equivalent of performing that action on each of the permissions within the set. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -134,14 +128,7 @@ This method is not used. A null reference ( in Visual Basic) in all cases. - - . - - ]]> - + To be added. @@ -178,16 +165,7 @@ Creates and returns a new permission set based on this permission set attribute object. A new permission set. - - - + To be added. @@ -223,14 +201,7 @@ Gets or sets a file containing the XML representation of a custom permission set to be declared. The physical path to the file containing the XML representation of the permission set. - - property to `true`. - - ]]> - + To be added. @@ -301,14 +272,7 @@ Gets or sets the name of the permission set. The name of an immutable (one of several permission sets that are contained in the default policy and cannot be altered). - - - + To be added. @@ -345,16 +309,7 @@ Gets or sets a value indicating whether the file specified by is Unicode or ASCII encoded. if the file is Unicode encoded; otherwise, . - - is `null` this property is not used. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/PermissionState.xml b/xml/System.Security.Permissions/PermissionState.xml index a7461bcfc9b..ea12e0ff3b0 100644 --- a/xml/System.Security.Permissions/PermissionState.xml +++ b/xml/System.Security.Permissions/PermissionState.xml @@ -70,18 +70,12 @@ Specifies whether a permission should have all or no access to resources at creation. - value as an argument to their constructor. - ]]> diff --git a/xml/System.Security.Permissions/PrincipalPermission.xml b/xml/System.Security.Permissions/PrincipalPermission.xml index 20c799efa72..07ed10b9c38 100644 --- a/xml/System.Security.Permissions/PrincipalPermission.xml +++ b/xml/System.Security.Permissions/PrincipalPermission.xml @@ -57,17 +57,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - By passing identity information (user name and role) to the constructor, can be used to demand that the identity of the active principal matches this information. - - To match the active and associated , both the specified identity and role must match. If `null` identity string is used, it is interpreted as a request to match any identity. Use of `null` role string will match any role. By implication, passing `null` parameter for `name` or `role` to will match the identity and roles in any . It is also possible to construct a that only determines whether the represents an authenticated or unauthenticated entity. In this case, `name` and `role` are ignored. - - Unlike most other permissions, does not extend . It does, however, implement the interface. This is because is not a code access permission; that is, it is not granted based on the identity of the executing assembly. Instead, it allows code to perform actions (, , , and so on) against the current user identity in a manner consistent with the way those actions are performed for code access and code identity permissions. - -> [!IMPORTANT] -> Prior to a demand for principal permission it is necessary to set the current application domain's principal policy to the enumeration value . By default, the principal policy is set to . If you do not set the principal policy to , a demand for principal permission will fail. The following code should be executed before the principal permission is demanded: -> -> `AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).` - ]]> @@ -116,17 +105,7 @@ One of the values. Initializes a new instance of the class with the specified . - - is the empty string (""), no , is `false`). `Unrestricted` matches all principals ( is `null`, is `null`). - -> [!NOTE] -> This constructor is included for consistency with the design of other permissions, but is not useful in practice. - - ]]> - + To be added. The parameter is not a valid . @@ -165,14 +144,7 @@ The name of the object's user. The role of the object's user (for example, Administrator). Initializes a new instance of the class for the specified and . - - and associated . Set `name` to `null` to check for any user in a role. - - ]]> - + To be added. @@ -213,14 +185,7 @@ to signify that the user is authenticated; otherwise, . Initializes a new instance of the class for the specified , , and authentication status. - - and associated . - - ]]> - + To be added. @@ -260,14 +225,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -306,21 +264,7 @@ Determines at run time whether the current principal matches the principal specified by the current permission. - - is raised, succeeds. - - This method acts against the principal attached to the calling thread. - -> [!IMPORTANT] -> Prior to calling the method, it is necessary to set the current application domain's principal policy to the enumeration value . By default the principal policy is set to . If you do not set the principal policy to , a demand for principal permission will fail. The following code should be executed before the demand for principal permission occurs: -> -> `AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).` - - ]]> - + To be added. The current principal does not pass the security check for the principal specified by the current permission. -or- @@ -372,14 +316,7 @@ Determines whether the specified object is equal to the current . if the specified is equal to the current object; otherwise, . - - . - - ]]> - + To be added. @@ -463,14 +400,7 @@ Gets a hash code for the object that is suitable for use in hashing algorithms and data structures such as a hash table. A hash code for the current object. - - objects. - - ]]> - + To be added. @@ -558,14 +488,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is an object that is not of the same type as the current permission. @@ -607,14 +530,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - matches any principal. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/PrincipalPermissionAttribute.xml b/xml/System.Security.Permissions/PrincipalPermissionAttribute.xml index 0da1802a049..a2b637eff9f 100644 --- a/xml/System.Security.Permissions/PrincipalPermissionAttribute.xml +++ b/xml/System.Security.Permissions/PrincipalPermissionAttribute.xml @@ -51,15 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - can be used to declaratively demand that users running your code belong to a specified role or have been authenticated. Use of creates a with set to `true` and and set to `null`. - - The scope of the declaration that is allowed depends on the that is used. cannot be applied at the assembly level. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - -> [!IMPORTANT] -> Before you use this class to demand principal permission, you must set the current application domain's principal policy to the enumeration value . By default, the principal policy is set to . If you do not set the principal policy to , a demand for principal permission will fail. The following code should be executed before the principal permission is demanded: `AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).` - ]]> @@ -105,14 +96,7 @@ One of the values. Initializes a new instance of the class with the specified . - - that have meaning for this attribute. Other actions do not apply to permissions that are not code access permissions. - - ]]> - + To be added. @@ -186,16 +170,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -231,14 +206,7 @@ Gets or sets the name of the identity associated with the current principal. A name to match against that provided by the underlying role-based security provider. - - is the same as the user's Windows NT login name (in the form "DomainName\UserName"). Check the documentation of your host to determine which authentication provider it uses and how it determines the identity of the current principal. - - ]]> - + To be added. @@ -274,14 +242,7 @@ Gets or sets membership in a specified security role. The name of a role from the underlying role-based security provider. - - - + To be added. diff --git a/xml/System.Security.Permissions/PublisherIdentityPermission.xml b/xml/System.Security.Permissions/PublisherIdentityPermission.xml index ad898b22fda..6a2eccc7b98 100644 --- a/xml/System.Security.Permissions/PublisherIdentityPermission.xml +++ b/xml/System.Security.Permissions/PublisherIdentityPermission.xml @@ -47,16 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -> [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. -> -> In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - -> [!NOTE] -> By default, code access security does not check for evidence. Unless your computer has a custom code group based on the class, you can improve performance by bypassing Authenticode signature verification. This is accomplished by configuring the runtime to not provide evidence for code access security. For more information about how to configure this option and which applications can use it, see the [<generatePublisherEvidence>](/dotnet/framework/configure-apps/file-schema/runtime/generatepublisherevidence-element) element. - ]]> @@ -107,14 +97,7 @@ An X.509 certificate representing the software publisher's identity. Initializes a new instance of the class with the specified Authenticode X.509v3 certificate. - - - + To be added. The parameter is . The parameter is not a valid certificate. @@ -152,19 +135,7 @@ One of the values. Initializes a new instance of the class with the specified . - - [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - ]]> - + To be added. The parameter is not a valid value of . @@ -241,14 +212,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -333,16 +297,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - only supports set operations (, , and ) when the current permission is equal to the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -384,16 +339,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - supports set operations (, , and ) only when the current permission is equal to the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -471,16 +417,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - method is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - The class only supports set operations (, , and ) when the current permission is equal to the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- diff --git a/xml/System.Security.Permissions/PublisherIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/PublisherIdentityPermissionAttribute.xml index ed7a74b0f7e..12741132d7e 100644 --- a/xml/System.Security.Permissions/PublisherIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/PublisherIdentityPermissionAttribute.xml @@ -51,20 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the that is used. - - The properties , , and are mutually exclusive. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - -> [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. - -> [!NOTE] -> By default, code access security does not check for evidence. Unless your computer has a custom code group based on the class, you can improve performance by bypassing Authenticode signature verification. This is accomplished by configuring the runtime to not provide evidence for code access security. For more information about how to configure this option and which applications can use it, see the [<generatePublisherEvidence>](/dotnet/framework/configure-apps/file-schema/runtime/generatepublisherevidence-element) element. - ]]> Extending Metadata Using Attributes @@ -139,14 +125,7 @@ Gets or sets a certification file containing an Authenticode X.509v3 certificate. The file path of an X.509 certificate file (usually has the extension.cer). - - is set, this property is ignored. - - ]]> - + To be added. @@ -183,16 +162,7 @@ Creates and returns a new instance of . A that corresponds to this attribute. - - - + To be added. @@ -228,14 +198,7 @@ Gets or sets a signed file from which to extract an Authenticode X.509v3 certificate. The file path of a file signed with the Authenticode signature. - - or is set, this property is ignored. - - ]]> - + To be added. @@ -271,16 +234,7 @@ Gets or sets an Authenticode X.509v3 certificate that identifies the publisher of the calling code. A hexadecimal representation of the X.509 certificate. - - and are ignored. - - You can obtain the hexadecimal representation by running the Strong Name tool (Sn.exe) with the token and public key options (**Sn** **-tp** *keyfile*`)` against a file that has an Authenticode signature. For more information, see [Sn.exe (Strong Name Tool)](/dotnet/framework/tools/sn-exe-strong-name-tool). - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/ReflectionPermission.xml b/xml/System.Security.Permissions/ReflectionPermission.xml index 4fc4a2f4b17..6967a8a092b 100644 --- a/xml/System.Security.Permissions/ReflectionPermission.xml +++ b/xml/System.Security.Permissions/ReflectionPermission.xml @@ -51,15 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Without , code can use reflection to access only the public members of objects. Code with and the appropriate flags can access the `protected` and `private` members of objects. - -> [!CAUTION] -> Because can provide access to non-public types and members, we recommend that you do not grant to Internet code, except with the flag. allows access to non-public members, with the restriction that the grant set of the non-public members must be equal to, or a subset of, the grant set of the code that accesses the non-public members. - - Certain features of reflection emit, such as emitting debug symbols, require with the flag. - - For more information, see the enumeration. - ]]> @@ -111,14 +102,7 @@ One of the values. Initializes a new instance of the class with either fully restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -193,14 +177,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -322,14 +299,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -371,14 +341,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -420,14 +383,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -504,14 +460,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/ReflectionPermissionAttribute.xml b/xml/System.Security.Permissions/ReflectionPermissionAttribute.xml index 728ce7ea7da..8f900a448c6 100644 --- a/xml/System.Security.Permissions/ReflectionPermissionAttribute.xml +++ b/xml/System.Security.Permissions/ReflectionPermissionAttribute.xml @@ -51,10 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -134,16 +130,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -349,14 +336,7 @@ Gets or sets a value that indicates whether reflection on members that are not visible is allowed. if reflection on members that are not visible is allowed; otherwise, . - - . - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/ReflectionPermissionFlag.xml b/xml/System.Security.Permissions/ReflectionPermissionFlag.xml index e5774fcc616..3d1903319bc 100644 --- a/xml/System.Security.Permissions/ReflectionPermissionFlag.xml +++ b/xml/System.Security.Permissions/ReflectionPermissionFlag.xml @@ -50,14 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This enumeration is used by the and classes. If no is granted, reflection is allowed on all types and members, but invocation operations are allowed only on visible types and members. For more information, see [Security Considerations for Reflection](/dotnet/framework/reflection-and-codedom/security-considerations-for-reflection). - -> [!CAUTION] -> Because can provide access to private class members, we recommend that you grant to Internet code only with the `RestrictedMemberAccess` flag, and not with any other flags. - -> [!IMPORTANT] -> `AllFlags` does not include the `RestrictedMemberAccess` flag. To get a mask that includes all flags in this enumeration, you must use the combination of `AllFlags` with `RestrictedMemberAccess`. - ]]> @@ -224,7 +216,7 @@ 4 - Emitting debug symbols is allowed. Beginning with .NET Framework 2.0 Service Pack 1, this flag is no longer required to emit code. + Emitting debug symbols is allowed. diff --git a/xml/System.Security.Permissions/RegistryPermission.xml b/xml/System.Security.Permissions/RegistryPermission.xml index 30383dd6260..3b74ab09b42 100644 --- a/xml/System.Security.Permissions/RegistryPermission.xml +++ b/xml/System.Security.Permissions/RegistryPermission.xml @@ -51,15 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - describes protected operations on registry variables. Registry variables should not be stored in memory locations where code without can access them. If the registry object is passed to an untrusted caller it can be misused. - - The allowed registry access types are defined by . If more than one type of access is desired, they can be combined using the bitwise OR operation as shown in the code sample that follows. - - Registry permission is defined in terms of canonical absolute paths; checks should always be made with canonical pathnames. Key access implies access to all values it contains and all variables under it. - -> [!NOTE] -> In versions of .NET Framework before .NET Framework 4, you could use the method to prevent inadvertent access to system resources by trusted code. is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see [How to: Run Partially Trusted Code in a Sandbox](/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox). - ]]> @@ -109,14 +100,7 @@ One of the values. Initializes a new instance of the class with either fully restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -155,14 +139,7 @@ One of the values. A list of registry variables (semicolon-separated) to which access is granted. Initializes a new instance of the class with the specified access to the specified registry variables. - - values to be specified. This access applies to all listed registry variables. Use to define more complicated permissions. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -206,19 +183,7 @@ A bitwise combination of the values. A list of registry variables (semicolon-separated) to which access is granted. Initializes a new instance of the class with the specified access to the specified registry variables and the specified access rights to registry control information. - - values to be specified. This access applies to all listed registry variables. Use to define more complicated permissions. - - The `control` parameter specifies whether the access control list (ACL) for the registry keys specified by `pathList` can be changed, viewed, or cannot be accessed. - -> [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the specified registry keys. The ability to change or view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -234,14 +199,7 @@ Adds access for the specified registry variables to the existing state of the permission. - - - + To be added. @@ -282,14 +240,7 @@ One of the values. A list of registry variables (semicolon-separated). Adds access for the specified registry variables to the existing state of the permission. - - - + To be added. The parameter is not a valid value of . -or- @@ -336,19 +287,7 @@ One of the values. A list of registry variables (separated by semicolons). Adds access for the specified registry variables to the existing state of the permission, specifying registry permission access and access control actions. - - [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions on the specified registry keys. The ability to change or view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. The parameter is not a valid value of . -or- @@ -390,14 +329,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -482,17 +414,7 @@ One of the values that represents a single type of registry variable access. Gets paths for all registry variables with the specified . A list of the registry variables (semicolon-separated) with the specified . - - [!NOTE] -> The `access` parameter is limited to the values of , which represent single types of registry variable access. Those values are , , and . The values acceptable to `access` do not include and , which do not represent single types of registry variable access. - - ]]> - + To be added. is not a valid value of . @@ -538,14 +460,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -587,14 +502,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -636,14 +544,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -684,14 +585,7 @@ One of the values. A list of registry variables (semicolon-separated). Sets new access for the specified registry variable names to the existing state of the permission. - - - + To be added. The parameter is not a valid value of . -or- @@ -773,14 +667,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/RegistryPermissionAccess.xml b/xml/System.Security.Permissions/RegistryPermissionAccess.xml index c7ff6fa258b..b082252b424 100644 --- a/xml/System.Security.Permissions/RegistryPermissionAccess.xml +++ b/xml/System.Security.Permissions/RegistryPermissionAccess.xml @@ -50,11 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - values are independent; rights to one type of access do not imply rights to another. For instance, `Write` permission does not imply permission to `Read` or `Create`. - -> [!NOTE] -> Although `NoAccess` and `AllAccess` appear in `RegistryPermissionAccess`, they are not valid for use as the parameter for because they describe no registry variable access types or all registry variable access types, respectively, and expects a single registry variable access type. - ]]> diff --git a/xml/System.Security.Permissions/RegistryPermissionAttribute.xml b/xml/System.Security.Permissions/RegistryPermissionAttribute.xml index 7697587f951..2a7c54aa11a 100644 --- a/xml/System.Security.Permissions/RegistryPermissionAttribute.xml +++ b/xml/System.Security.Permissions/RegistryPermissionAttribute.xml @@ -51,10 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -142,14 +138,7 @@ Gets or sets full access for the specified registry keys. A semicolon-separated list of registry key paths, for full access. - - - + To be added. The get accessor is called; it is only provided for C# compiler compatibility. @@ -185,17 +174,7 @@ Gets or sets change access control for the specified registry keys. A semicolon-separated list of registry key paths, for change access control. . - - [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions for the given registry keys. The ability to change an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. @@ -231,14 +210,7 @@ Gets or sets create-level access for the specified registry keys. A semicolon-separated list of registry key paths, for create-level access. - - - + To be added. @@ -275,16 +247,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -320,14 +283,7 @@ Gets or sets read access for the specified registry keys. A semicolon-separated list of registry key paths, for read access. - - - + To be added. @@ -362,17 +318,7 @@ Gets or sets view access control for the specified registry keys. A semicolon-separated list of registry key paths, for view access control. - - [!IMPORTANT] -> An access control list (ACL) describes individuals or groups who have, or do not have, rights to specific actions for the given registry keys. The ability to view an ACL is an important permission and should be granted with caution. - - ]]> - + To be added. @@ -407,19 +353,7 @@ Gets or sets a specified set of registry keys that can be viewed and modified. A semicolon-separated list of registry key paths, for create, read, and write access. - - , , and access rights for the specified keys and their values. The access rights are for registry data only; they do not include the access control rights or . - -> [!NOTE] -> The get accessor is provided for C# compiler compatibility. The C# compiler requires attribute properties to be read/write. - - ]]> - + To be added. The get accessor is called; it is only provided for C# compiler compatibility. @@ -456,14 +390,7 @@ Gets or sets write access for the specified registry keys. A semicolon-separated list of registry key paths, for write access. - - - + To be added. diff --git a/xml/System.Security.Permissions/ResourcePermissionBase.xml b/xml/System.Security.Permissions/ResourcePermissionBase.xml index 50d92bfbca9..ac681988a8f 100644 --- a/xml/System.Security.Permissions/ResourcePermissionBase.xml +++ b/xml/System.Security.Permissions/ResourcePermissionBase.xml @@ -50,9 +50,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -> [!NOTE] -> The class compares strings using ordinal sort rules and ignores the case of the strings being compared. - ]]> @@ -212,14 +209,7 @@ Specifies the character to be used to represent the any wildcard character. - - - + To be added. @@ -290,14 +280,7 @@ Creates and returns an identical copy of the current permission object. A copy of the current permission object. - - - + To be added. @@ -377,14 +360,7 @@ Returns an array of the objects added to this permission. An array of objects that were added to this permission. - - and to add and remove permission entries to this permission. - - ]]> - + To be added. @@ -426,14 +402,7 @@ A permission object of the same type as the current permission object. Creates and returns a permission object that is the intersection of the current permission object and a target permission object. A new permission object that represents the intersection of the current object and the specified target. This object is if the intersection is empty. - - - + To be added. The target permission object is not of the same type as the current permission object. @@ -474,16 +443,7 @@ Determines whether the current permission object is a subset of the specified permission. if the current permission object is a subset of the specified permission object; otherwise, . - - - + To be added. @@ -523,14 +483,7 @@ Gets a value indicating whether the permission is unrestricted. if permission is unrestricted; otherwise, . - - - + To be added. @@ -564,14 +517,7 @@ Specifies the character to be used to represent a local reference. - - - + To be added. @@ -771,14 +717,7 @@ A permission object to combine with the current permission object. It must be of the same type as the current permission object. Creates a permission object that combines the current permission object and the target permission object. A new permission object that represents the union of the current permission object and the specified permission object. - - is a permission that represents all the operations represented by both the current permission object and the specified permission object. Any demand that passes either permission passes their union. - - ]]> - + To be added. The permission object is not of the same type as the current permission object. diff --git a/xml/System.Security.Permissions/ResourcePermissionBaseEntry.xml b/xml/System.Security.Permissions/ResourcePermissionBaseEntry.xml index a811340b116..dae5a483d82 100644 --- a/xml/System.Security.Permissions/ResourcePermissionBaseEntry.xml +++ b/xml/System.Security.Permissions/ResourcePermissionBaseEntry.xml @@ -87,14 +87,7 @@ Initializes a new instance of the class. - - property is set to zero. - - ]]> - + To be added. @@ -202,14 +195,7 @@ Gets an array of strings that identify the resource you are protecting. An array of strings that identify the resource you are protecting. - - has two properties, and . The for returns + "\\\\" + . For example, "myMachine\\\myCategory". - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/SecurityAction.xml b/xml/System.Security.Permissions/SecurityAction.xml index 34e71be7ee6..4c5b634edfe 100644 --- a/xml/System.Security.Permissions/SecurityAction.xml +++ b/xml/System.Security.Permissions/SecurityAction.xml @@ -86,27 +86,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The following table describes the time that each security action takes place and the targets that it supports. - -> [!IMPORTANT] -> In .NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. These requests should not be used in code that is based on .NET Framework 4 or later. For more information about this and other changes, see [Security Changes](/dotnet/framework/security/security-changes). - - You should not use `LinkDemand` in .NET Framework 4. Instead, use the to restrict usage to fully trusted applications, or use `Demand` to restrict partially trusted callers. - -| Declaration of security action | Time of action | Targets supported | -|--------------------------------------------------|--------------------------|-------------------| -| `LinkDemand` (do not use in .NET Framework 4+) | Just-in-time compilation | Class, method | -| `InheritanceDemand` | Load time | Class, method | -| `Demand` | Run time | Class, method | -| `Assert` | Run time | Class, method | -| `Deny` (obsolete in .NET Framework 4) | Run time | Class, method | -| `PermitOnly` | Run time | Class, method | -| `RequestMinimum` (obsolete in .NET Framework 4) | Grant time | Assembly | -| `RequestOptional` (obsolete in .NET Framework 4) | Grant time | Assembly | -| `RequestRefuse` (obsolete in .NET Framework 4) | Grant time | Assembly | - - For additional information about attribute targets, see . - ]]> @@ -373,7 +352,7 @@ 6 - The immediate caller is required to have been granted the specified permission. Do not use in the .NET Framework 4. For full trust, use instead; for partial trust, use . + The immediate caller is required to have been granted the specified permission. diff --git a/xml/System.Security.Permissions/SecurityAttribute.xml b/xml/System.Security.Permissions/SecurityAttribute.xml index 27334f3cb6d..2f030f9dc3b 100644 --- a/xml/System.Security.Permissions/SecurityAttribute.xml +++ b/xml/System.Security.Permissions/SecurityAttribute.xml @@ -148,14 +148,7 @@ One of the values. Initializes a new instance of with the specified . - - property. - - ]]> - + To be added. @@ -207,14 +200,7 @@ Gets or sets a security action. One of the values. - - - + To be added. @@ -268,14 +254,7 @@ When overridden in a derived class, creates a permission object that can then be serialized into binary form and persistently stored along with the in an assembly's metadata. A serializable permission object. - - - + To be added. @@ -328,14 +307,7 @@ Gets or sets a value indicating whether full (unrestricted) permission to the resource protected by the attribute is declared. if full permission to the protected resource is declared; otherwise, . - - - + To be added. diff --git a/xml/System.Security.Permissions/SecurityPermission.xml b/xml/System.Security.Permissions/SecurityPermission.xml index f3a52ee6558..32fe12f281b 100644 --- a/xml/System.Security.Permissions/SecurityPermission.xml +++ b/xml/System.Security.Permissions/SecurityPermission.xml @@ -51,8 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission uses the enumeration. The values for this enumeration can be found in its documentation. - ]]> @@ -102,14 +100,7 @@ One of the values. Initializes a new instance of the class with either restricted or unrestricted permission as specified. - - - + To be added. The parameter is not a valid value of . @@ -184,14 +175,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -227,14 +211,7 @@ Gets or sets the security permission flags. The state of the current permission, represented by a bitwise OR combination of any permission bits defined by . - - - + To be added. An attempt is made to set this property to an invalid value. See for the valid values. @@ -320,14 +297,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission object that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -369,14 +339,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -418,14 +381,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -502,14 +458,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/SecurityPermissionAttribute.xml b/xml/System.Security.Permissions/SecurityPermissionAttribute.xml index 42caf3de33d..7d2e8c2e2f0 100644 --- a/xml/System.Security.Permissions/SecurityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/SecurityPermissionAttribute.xml @@ -91,15 +91,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - - When you use the class, follow the security action with the permission(s) that are being requested. Each security permission that can be requested, as defined in the enumeration, has a corresponding property in the class. For example, to demand the ability to access unmanaged code, follow the demand statement with the property setting that is being requested, as follows: `SecurityPermissionAttribute(SecurityAction.Demand, UnmanagedCode=true)`. - -> [!NOTE] -> An exception to the equivalence between the enumeration and the properties is that the enumeration value is represented by the property (inherited from the class). To demand all security permissions, specify `Unrestricted=true`. - ]]> @@ -261,14 +252,7 @@ Gets or sets a value that indicates whether code has permission to perform binding redirection in the application configuration file. if code can perform binding redirects; otherwise, . - - - + To be added. @@ -586,14 +570,7 @@ Gets or sets a value indicating whether permission to manipulate threads is declared. if permission to manipulate threads is declared; otherwise, . - - . - - ]]> - + To be added. @@ -647,16 +624,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -709,14 +677,7 @@ Gets or sets a value indicating whether permission to execute code is declared. if permission to execute code is declared; otherwise, . - - permission at the assembly level is ignored. If an assembly has the right to execute, permission is automatically granted, and setting the property to either `true` or `false` has no effect. - - ]]> - + To be added. @@ -981,16 +942,7 @@ Gets or sets a value indicating whether permission to bypass code verification is declared. if permission to bypass code verification is declared; otherwise, . - - [!CAUTION] -> This is a powerful permission that should be granted only to highly trusted code. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/SecurityPermissionFlag.xml b/xml/System.Security.Permissions/SecurityPermissionFlag.xml index 7620defa9ce..63940f55754 100644 --- a/xml/System.Security.Permissions/SecurityPermissionFlag.xml +++ b/xml/System.Security.Permissions/SecurityPermissionFlag.xml @@ -90,11 +90,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This enumeration is used by . - -> [!CAUTION] -> Many of these flags are powerful and should only be granted to highly trusted code. - ]]> diff --git a/xml/System.Security.Permissions/SiteIdentityPermission.xml b/xml/System.Security.Permissions/SiteIdentityPermission.xml index aaf93980d23..c89fae8c4f8 100644 --- a/xml/System.Security.Permissions/SiteIdentityPermission.xml +++ b/xml/System.Security.Permissions/SiteIdentityPermission.xml @@ -47,21 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Using this class, it is possible to ensure that callers are from a specific Web site. Site identity is only defined for code from URLs with the protocols of HTTP, HTTPS, and FTP. A site is the string between the "//" after the protocol of a URL and the following "/", if present, for example, `www.fourthcoffee.com` in the URL `http://www.fourthcoffee.com/process/grind.htm`. This excludes port numbers. If a given URL is `http://www.fourthcoffee.com:8000/`, the site is `www.fourthcoffee.com`, not `www.fourthcoffee.com:8000`. - - Sites can be matched exactly, or by a wildcard ("\*") prefix at the dot delimiter. For example, the site name string `*.fourthcoffee.com` matches `fourthcoffee.com` as well as `www.fourthcoffee.com`. Without a wildcard, the site name must be a precise match. The site name string \* will match any site, but will not match code that has no site evidence. - -> [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - -> [!NOTE] -> In versions of the .NET Framework before the .NET Framework 4, you could use the method to prevent inadvertent access to system resources by trusted code. is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see [How to: Run Partially Trusted Code in a Sandbox](/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox). - -> [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. - ]]> @@ -112,19 +97,7 @@ One of the values. Initializes a new instance of the class with the specified . - - matches no sites. This constructor is included for consistency with the design of other permissions, but is not useful in practice. - -> [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - ]]> - + To be added. The parameter is not a valid value of . @@ -161,16 +134,7 @@ The site name or wildcard expression. Initializes a new instance of the class to represent the specified site identity. - - - + To be added. The parameter is not a valid string, or does not match a valid wildcard site name. @@ -208,14 +172,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -300,16 +257,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -351,28 +299,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - for a range of values of the current permission and the specified permission. - -|Current Permission|Specified Permission|IsSubsetOf| -|------------------------|--------------------------|----------------| -|`www.fourthcoffee.com`|`www.fourthcoffee.com`|`true`| -|`www.fourthcoffee.com`|`www.tailspintoys.com`|`false`| -|`www.fourthcoffee.com`|`*.fourthcoffee.com`|`true`| -|`www.fourthcoffee.com`|`*.com`|`true`| -|`*.fourthcoffee.com`|`www.fourthcoffee.com`|`false`| -|`*.fourthcoffee.com`|`*.fourthcoffee.com`|`true`| -|`*.fourthcoffee.com`|`*.com`|`true`| -|Anything except `None`|`*`|`true`| -|`None`|Anything|`true`| - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -409,16 +336,7 @@ Gets or sets the current site. The current site. - - - + To be added. The site identity cannot be retrieved because it has an ambiguous identity. @@ -496,16 +414,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the sites represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. For example, the union of a permission that represents access to `www.fourthcoffee.com` and one that represents access to `*.fourthcoffee.com` is a permission that represents access to `*.fourthcoffee.com`. - - The union of a permission and `null` is the permission that is not `null`. The union of a permission and a subset of that permission is the permission that contains the subset. Any other combination results in an being thrown. For example, the union of the site identity `www.fourthcoffee.com` and the site identity `www.tailspintoys.com` results in an exception because neither is a subset of the other. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- diff --git a/xml/System.Security.Permissions/SiteIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/SiteIdentityPermissionAttribute.xml index 34957ea9c0c..c684fd5cc64 100644 --- a/xml/System.Security.Permissions/SiteIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/SiteIdentityPermissionAttribute.xml @@ -45,25 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - The scope of the declaration that is allowed depends on the that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -142,16 +129,7 @@ Creates and returns a new instance of . A that corresponds to this attribute. - - - + To be added. @@ -187,16 +165,7 @@ Gets or sets the site name of the calling code. The site name to compare against the site name specified by the security provider. - - - + To be added. diff --git a/xml/System.Security.Permissions/StorePermission.xml b/xml/System.Security.Permissions/StorePermission.xml index 64acd7b3153..d916f1e3397 100644 --- a/xml/System.Security.Permissions/StorePermission.xml +++ b/xml/System.Security.Permissions/StorePermission.xml @@ -49,8 +49,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - controls the access that code is granted to X.509 stores. The permission is based on flags representing the access levels that apply to every store. - ]]> @@ -97,14 +95,7 @@ One of the values. Initializes a new instance of the class with either fully restricted or unrestricted permission state. - - property can then be set to specify the type of access allowed. - - ]]> - + To be added. is not a valid value. @@ -140,14 +131,7 @@ A bitwise combination of the values. Initializes a new instance of the class with the specified access. - - - + To be added. is not a valid combination of values. @@ -184,14 +168,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -225,14 +202,7 @@ Gets or sets the type of access allowed by the current permission. A bitwise combination of the values. - - property specifies the permitted access to X.509 stores. X.509 stores are physical stores used to persist and manage X.509 certificates. - - ]]> - + To be added. An attempt is made to set this property to an invalid value. See for the valid values. @@ -270,14 +240,7 @@ A that contains the XML encoding to use to reconstruct the permission. Reconstructs a permission with a specified state from an XML encoding. - - method reconstructs a object from an XML encoding defined by the class. Use the method to XML-encode the , including state information. - - ]]> - + To be added. is . @@ -323,14 +286,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - - + To be added. s not and is not of the same type as the current permission. @@ -371,14 +327,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. is not and is not of the same type as the current permission. @@ -419,14 +368,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -461,14 +403,7 @@ Creates an XML encoding of the permission and its current state. A that contains an XML encoding of the permission, including any state information. - - method to restore the state information from a . - - ]]> - + To be added. @@ -506,14 +441,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - ]]> - + To be added. is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/StorePermissionAttribute.xml b/xml/System.Security.Permissions/StorePermissionAttribute.xml index 8df9cc5b890..c4cd3bc5f07 100644 --- a/xml/System.Security.Permissions/StorePermissionAttribute.xml +++ b/xml/System.Security.Permissions/StorePermissionAttribute.xml @@ -49,10 +49,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The scope of the declaration that is allowed depends on the value that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. The attribute is used only for declarative security. For imperative security, use the class. - ]]> @@ -126,14 +122,7 @@ Gets or sets a value indicating whether the code is permitted to add to a store. if the ability to add to a store is allowed; otherwise, . - - - + To be added. @@ -168,16 +157,7 @@ Creates and returns a new . A that corresponds to the attribute. - - - + To be added. @@ -212,14 +192,7 @@ Gets or sets a value indicating whether the code is permitted to create a store. if the ability to create a store is allowed; otherwise, . - - method. - - ]]> - + To be added. @@ -254,14 +227,7 @@ Gets or sets a value indicating whether the code is permitted to delete a store. if the ability to delete a store is allowed; otherwise, . - - class. - - ]]> - + To be added. @@ -296,14 +262,7 @@ Gets or sets a value indicating whether the code is permitted to enumerate the certificates in a store. if the ability to enumerate certificates is allowed; otherwise, . - - - + To be added. @@ -338,14 +297,7 @@ Gets or sets a value indicating whether the code is permitted to enumerate stores. if the ability to enumerate stores is allowed; otherwise, . - - class. - - ]]> - + To be added. @@ -379,18 +331,7 @@ Gets or sets the store permissions. A bitwise combination of the values. The default is . - - [!CAUTION] -> Many of these flags are powerful and permit access to stores that should be granted only to highly trusted code. - - The most powerful of the flags are , , , and . For specific threats posed by the use of these flags, see individual flag descriptions. - - ]]> - + To be added. @@ -425,14 +366,7 @@ Gets or sets a value indicating whether the code is permitted to open a store. if the ability to open a store is allowed; otherwise, . - - - + To be added. @@ -467,14 +401,7 @@ Gets or sets a value indicating whether the code is permitted to remove a certificate from a store. if the ability to remove a certificate from a store is allowed; otherwise, . - - - + To be added. diff --git a/xml/System.Security.Permissions/StorePermissionFlags.xml b/xml/System.Security.Permissions/StorePermissionFlags.xml index c8220149cd8..b8721f1df14 100644 --- a/xml/System.Security.Permissions/StorePermissionFlags.xml +++ b/xml/System.Security.Permissions/StorePermissionFlags.xml @@ -48,8 +48,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -Many of these access permissions pose potential security and privacy threats. Great care should be taken in granting access to stores. A brief description of the type of threat exposed by an access can be found in the summary for the individual enumeration member. - ]]> diff --git a/xml/System.Security.Permissions/StrongNameIdentityPermission.xml b/xml/System.Security.Permissions/StrongNameIdentityPermission.xml index 2a57b561c9c..8dcaa52f15f 100644 --- a/xml/System.Security.Permissions/StrongNameIdentityPermission.xml +++ b/xml/System.Security.Permissions/StrongNameIdentityPermission.xml @@ -47,23 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -> [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. In the .NET Framework version 2.0 and later, identity permissions can have any permission state value. This means that in version 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - Use to confirm that the calling code is in a particular strong-named code assembly. Full demands for succeed only if all the assemblies in the stack have the correct evidence to satisfy the demand. Link demands that use the attribute succeed only if the immediate caller has the correct evidence. - - A strong name identity is based on a cryptographic public key called a binary large object (BLOB), which is optionally combined with the name and version of a specific assembly. The key defines a unique namespace and provides strong verification that the name is genuine, because the definition of the name must be in an assembly that is signed by the corresponding private key. - - Note that the validity of the strong name key is not dependent on a trust relationship or on any certificate necessarily being issued for the key. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective even when the calling assembly is fully trusted. That is, even if the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0 and later, demands for identity permissions are ineffective if the calling assembly has full trust. This ensures consistency for all permissions and eliminates the treatment of identity permissions as a special case. - - For a complete description of strong names, see the reference page. For more information about strong-named assemblies, see [Strong-named assemblies](/dotnet/standard/assembly/strong-named). - - The class is used to define strong-name requirements for accessing the public members of a type. The attribute can be used to define strong-name requirements at the assembly level. In the .NET Framework version 2.0 and later, you can also use the attribute to specify that all nonpublic types in that assembly are visible to another assembly. For more information, see [Friend assemblies](/dotnet/standard/assembly/friend). - ]]> @@ -117,21 +100,7 @@ One of the values. Initializes a new instance of the class with the specified . - - [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. In the .NET Framework version 2.0 and later, identity permissions can have any permission state value. This means that in version 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. In the .NET Framework version 2.0 and later, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - Use this constructor with a permission state value of to create an identity permission that matches no strong names. If you subsequently set the and properties, a specific strong name identity can be represented by the permission. - - ]]> - + To be added. The parameter is not a valid value of . @@ -172,16 +141,7 @@ The simple name part of the strong name identity. This corresponds to the name of the assembly. The version number of the identity. Initializes a new instance of the class for the specified strong name identity. - - is thrown. - - For more information on names and version numbers of assemblies, see [Strong-named assemblies](/dotnet/standard/assembly/strong-named). - - ]]> - + To be added. The parameter is . The parameter is an empty string (""). @@ -220,14 +180,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -266,14 +219,7 @@ The XML encoding to use to reconstruct the permission. Reconstructs a permission with a specified state from an XML encoding. - - - + To be added. The parameter is . The parameter is not a valid permission element. @@ -319,16 +265,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission, or if the intersection is empty. - - - + To be added. The parameter is not and is not of the same type as the current permission. @@ -370,14 +307,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - property containing the wildcard expression MyCompany.MyDepartment.* is identified as a subset of an identity with the property MyCompany.MyDepartment.MyFile. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -414,14 +344,7 @@ Gets or sets the simple name portion of the strong name identity. The simple name of the identity. - - property can be an exact name or can be modified by a wildcard character in the final position; for example, both MyCompany.MyDepartment.MyFile and MyCompany.MyDepartment.* are valid names. If you attempt to set the property to an empty string (""), an is thrown. - - ]]> - + To be added. The value is an empty string (""). The property value cannot be retrieved because it contains an ambiguous identity. @@ -498,14 +421,7 @@ Creates an XML encoding of the permission and its current state. An XML encoding of the permission, including any state information. - - - + To be added. @@ -545,16 +461,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. - - The union of a permission and `null` is the permission that is not `null`. The union of a permission and a subset of that permission is the permission that contains the other. Any other combination results in an exception being thrown. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- diff --git a/xml/System.Security.Permissions/StrongNameIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/StrongNameIdentityPermissionAttribute.xml index 4ed3748f01e..1e21b6a2496 100644 --- a/xml/System.Security.Permissions/StrongNameIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/StrongNameIdentityPermissionAttribute.xml @@ -51,15 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions are not used. - - The scope of the declaration that is allowed depends on the that is used. You can obtain the key string for this attribute by running the Strong Name tool (Sn.exe) with the token and public key options (**Sn** **-tp** *keyfile*`)` against a file that has an Authenticode signature. For more information, see [Sn.exe (Strong Name Tool)](/dotnet/framework/tools/sn-exe-strong-name-tool). - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - - The attribute can be used to define strong-name requirements for access to public members at the assembly level. In the .NET Framework version 2.0 and later, you can also use the attribute to specify that all nonpublic types in that assembly are visible to another assembly. For more information, see [Friend assemblies](/dotnet/standard/assembly/friend). - ]]> @@ -140,16 +131,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. The method failed because the key is . @@ -186,14 +168,7 @@ Gets or sets the name of the strong name identity. A name to compare against the name specified by the security provider. - - property to "mylibrary". - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/StrongNamePublicKeyBlob.xml b/xml/System.Security.Permissions/StrongNamePublicKeyBlob.xml index 22df6e859bc..164840d0b49 100644 --- a/xml/System.Security.Permissions/StrongNamePublicKeyBlob.xml +++ b/xml/System.Security.Permissions/StrongNamePublicKeyBlob.xml @@ -41,16 +41,12 @@ Represents the public key information (called a blob) for a strong name. This class cannot be inherited. - . - ]]> @@ -171,14 +167,7 @@ Returns a hash code based on the public key. The hash code based on the public key. - - - + To be added. diff --git a/xml/System.Security.Permissions/TypeDescriptorPermission.xml b/xml/System.Security.Permissions/TypeDescriptorPermission.xml index 26c0a9ab6c8..bd909f6f0d6 100644 --- a/xml/System.Security.Permissions/TypeDescriptorPermission.xml +++ b/xml/System.Security.Permissions/TypeDescriptorPermission.xml @@ -49,16 +49,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The class defines access to the following methods on the class. - -- - -- - -- - -- - ]]> diff --git a/xml/System.Security.Permissions/UIPermission.xml b/xml/System.Security.Permissions/UIPermission.xml index 9352c9e5fc2..d77763e9dff 100644 --- a/xml/System.Security.Permissions/UIPermission.xml +++ b/xml/System.Security.Permissions/UIPermission.xml @@ -51,12 +51,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Drawing and user input events in windows are user interfaces. - - The permission to use windows can be one of the following: unrestricted, limited to , only , or no window drawing or user input event access allowed. and are restricted in title and size to prevent possible spoofing by potentially harmful code. - - The permission to use the Clipboard can be one of the following: unrestricted, write-only, or no Clipboard access allowed. The paste limitation prevents potentially harmful applications from taking data from the Clipboard without the user's consent, while still allowing the cut, copy, and paste operations when initiated by the user through keyboard commands. - ]]> @@ -107,14 +101,7 @@ One of the enumeration values. Initializes a new instance of the class with either fully restricted or unrestricted access, as specified. - - - + To be added. The parameter is not a valid . @@ -151,14 +138,7 @@ One of the enumeration values. Initializes a new instance of the class with the permissions for the Clipboard, and no access to windows. - - - + To be added. The parameter is not a valid value. @@ -195,14 +175,7 @@ One of the enumeration values. Initializes a new instance of the class with the permissions for windows, and no access to the Clipboard. - - - + To be added. The parameter is not a valid value. @@ -319,14 +292,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -411,14 +377,7 @@ A permission to intersect with the current permission. It must be the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - and from those in the current permission and the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -460,14 +419,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - to return `true`, both the and values of the current permission must be equal to or less permissive than the values of the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -509,14 +461,7 @@ Returns a value indicating whether the current permission is unrestricted. if the current permission is unrestricted; otherwise, . - - - + To be added. @@ -593,14 +538,7 @@ A permission to combine with the current permission. It must be the same type as the current permission. Creates a permission that is the union of the permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents all the operations represented by the current permission as well as all the operations represented by the specified permission. Specifically, it represents the most permissive values of and from those in the current permission and the specified permission. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. diff --git a/xml/System.Security.Permissions/UIPermissionAttribute.xml b/xml/System.Security.Permissions/UIPermissionAttribute.xml index 1206e2cf814..7cc47bce29e 100644 --- a/xml/System.Security.Permissions/UIPermissionAttribute.xml +++ b/xml/System.Security.Permissions/UIPermissionAttribute.xml @@ -45,16 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - that is used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -169,16 +165,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. diff --git a/xml/System.Security.Permissions/UIPermissionClipboard.xml b/xml/System.Security.Permissions/UIPermissionClipboard.xml index 221120cfeec..242d38c82f4 100644 --- a/xml/System.Security.Permissions/UIPermissionClipboard.xml +++ b/xml/System.Security.Permissions/UIPermissionClipboard.xml @@ -40,14 +40,12 @@ Specifies the type of clipboard access that is allowed to the calling code. - . - ]]> diff --git a/xml/System.Security.Permissions/UIPermissionWindow.xml b/xml/System.Security.Permissions/UIPermissionWindow.xml index 24c281ed6c0..6e94a97b251 100644 --- a/xml/System.Security.Permissions/UIPermissionWindow.xml +++ b/xml/System.Security.Permissions/UIPermissionWindow.xml @@ -46,44 +46,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -This enumeration is used by . - -When an application runs under the `SafeTopLevelWindows` permission, it: - -- Shows the DNS name or IP address of the Web site from which the application was loaded in its title bar. - -- Displays Balloon tooltip when it first displays, informing the user that it is running under a restricted trust level. - -- Must display its title bar at all times. - -- Must display window controls on its forms. - -- Cannot minimize its main window on startup. - -- Cannot move its windows off-screen. - -- Cannot use the property to make its windows less than 50% transparent. - -- Must use only rectangular windows, and must include the window frame. Windows Forms will not honor setting to . - -- Cannot make windows invisible. Any attempt by the application to set the property to `False` will be ignored. - -- Must have an entry in the Task Bar. - -- Has its controls prohibited from accessing the property. By implication, controls will also be barred from accessing siblings - that is, other controls at the same level of nesting. - -- Cannot control focus using the method. - -- Has restricted keyboard input access, so that a form or control can only access keyboard events for itself and its children. - -- Has restricted mouse coordinate access, so that a form or control can only read mouse coordinates if the mouse is over its visible area. - -- Cannot set the property. - -- Cannot control the z-order of controls on the form using the and methods. - - These restrictions help prevent potentially harmful code from spoofing attacks, such as imitating trusted system dialogs. - ]]> @@ -229,12 +191,7 @@ When an application runs under the `SafeTopLevelWindows` permission, it: 2 Users can only use and for drawing, and can only use user input events for the user interface within those top-level windows and subwindows. See the Remarks section for more information. - - - + To be added. diff --git a/xml/System.Security.Permissions/UrlIdentityPermission.xml b/xml/System.Security.Permissions/UrlIdentityPermission.xml index 8c41a95f8f0..70e5d3bae4b 100644 --- a/xml/System.Security.Permissions/UrlIdentityPermission.xml +++ b/xml/System.Security.Permissions/UrlIdentityPermission.xml @@ -47,21 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - The complete URL is considered, including the protocol (HTTP, HTTPS, FTP) and the file. For example, `http://www.fourthcoffee.com/process/grind.htm` is a complete URL. - - URLs can be matched exactly or by a wildcard in the final position, for example: `http://www.fourthcoffee.com/process/*`. URLs can also contain a wildcard ("\*") prefix at the dot delimiter. For example, the URL name string `http://www.fourthcoffee.com/process/grind.htm/` is a subset of `http://*.fourthcoffee.com/process/grind.htm/` and `http://*.com/process/grind.htm/`. - -> [!IMPORTANT] -> Starting with the .NET Framework 4, identity permissions are not used. -> -> In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - -> [!NOTE] -> In versions of the .NET Framework before the .NET Framework 4, you could use the method to prevent inadvertent access to system resources by trusted code. is now obsolete, and access to resources is now determined solely by the granted permission set for an assembly. To limit access to files, you must run partially trusted code in a sandbox and assign it permissions only to resources that the code is allowed to access. For information about running an application in a sandbox, see [How to: Run Partially Trusted Code in a Sandbox](/dotnet/framework/misc/how-to-run-partially-trusted-code-in-a-sandbox). - -> [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. - ]]> @@ -112,19 +97,7 @@ One of the values. Initializes a new instance of the class with the specified . - - [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - ]]> - + To be added. The parameter is not a valid value of . @@ -161,19 +134,7 @@ A URL or wildcard expression. Initializes a new instance of the class to represent the URL identity described by . - - [!NOTE] -> Starting with the .NET Framework version 2.0, for performance reasons, an invalid URL does not cause an argument exception at the time the new class instance is created. The argument exception will occur when one of the set operations (Union, Intersect, or IsSubsetOf) is executed. A demand on the permission causes to be called by the security infrastructure. The demand will fail because of the argument exception, resulting in a being thrown. In this case, the original exception will not be seen. - - ]]> - + To be added. The parameter is . The length of the parameter is zero. The URL, directory, or site portion of the parameter is not valid. @@ -213,14 +174,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -305,16 +259,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - supports set operations (, , and ) only when the current permission is equal to the specified permission object or when one of the permissions uses the wildcard operator ("\*"). - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- @@ -360,16 +305,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - supports set operations (, , and ) only when the current permission is equal to the specified permission or when one of the permissions uses the wildcard operator ("\*"). - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- @@ -451,16 +387,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - method is a permission that represents access to the URL as represented by the current permission, as well as access to the URL as represented by the specified permission. - - The class supports set operations , , and ) only when the current permission is equal to the specified permission, or when one of the permissions uses the wildcard operator ("\*") and one is a subset of the other. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- @@ -506,16 +433,7 @@ Gets or sets a URL representing the identity of Internet code. A URL representing the identity of Internet code. - - - + To be added. The URL cannot be retrieved because it has an ambiguous identity. diff --git a/xml/System.Security.Permissions/UrlIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/UrlIdentityPermissionAttribute.xml index 4164af7df4b..3df25e7edf5 100644 --- a/xml/System.Security.Permissions/UrlIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/UrlIdentityPermissionAttribute.xml @@ -45,21 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - that is used. - -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions are not used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -138,16 +129,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. @@ -183,16 +165,7 @@ Gets or sets the full URL of the calling code. The URL to match with the URL specified by the host. - - - + To be added. diff --git a/xml/System.Security.Permissions/WebBrowserPermission.xml b/xml/System.Security.Permissions/WebBrowserPermission.xml index 969a793cd82..36703ebb5b7 100644 --- a/xml/System.Security.Permissions/WebBrowserPermission.xml +++ b/xml/System.Security.Permissions/WebBrowserPermission.xml @@ -52,11 +52,9 @@ The object controls the ability to create the WebBrowser control. enumerations. +[!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] -This class is not typically used in XAML. ]]> @@ -97,14 +95,7 @@ This class is not typically used in XAML. Initializes a new instance of the class. - - property is set to . - - ]]> - + To be added. @@ -138,14 +129,7 @@ This class is not typically used in XAML. An enumerated value of . Initializes a new instance of the class by specifying a permission state. - - , the value of the property is set to . If `state` is set to , the value of the property is set to . - - ]]> - + To be added. @@ -214,7 +198,7 @@ This class is not typically used in XAML. Creates and returns an identical copy of the current permission. A copy of the current permission. - A copy of a permission represents the same access to resources as the original permission. Members of this class are either not typically used in XAML, or cannot be used in XAML. + To be added. @@ -251,13 +235,7 @@ This class is not typically used in XAML. The XML encoding to use to reconstruct the permission. Reconstructs a permission with a specified state from an XML encoding. - - - + To be added. @@ -295,13 +273,7 @@ Members of this class are either not typically used in XAML, or cannot be used i A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. The intersection of two permissions is a permission that describes the state that they both describe in common. Only a demand that passes both original permissions will be valid for the intersected permission. - - - + To be added. @@ -340,19 +312,7 @@ Members of this class are either not typically used in XAML, or cannot be used i Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - - + To be added. @@ -391,17 +351,7 @@ Members of this class are either not typically used in XAML, or cannot be used i Returns a value indicating whether the current permission is unrestricted. if the property is set to ; otherwise, . - - - + To be added. @@ -470,13 +420,7 @@ Members of this class are either not typically used in XAML, or cannot be used i Creates an XML encoding of the permission and its current state. An XML encoding of the permission, including any state information. - - - + To be added. @@ -514,13 +458,7 @@ Members of this class are either not typically used in XAML, or cannot be used i A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - - + To be added. diff --git a/xml/System.Security.Permissions/WebBrowserPermissionAttribute.xml b/xml/System.Security.Permissions/WebBrowserPermissionAttribute.xml index a9eb3f40f5e..71d3a8ce315 100644 --- a/xml/System.Security.Permissions/WebBrowserPermissionAttribute.xml +++ b/xml/System.Security.Permissions/WebBrowserPermissionAttribute.xml @@ -52,13 +52,8 @@ Allows security actions for to be applied to code using declarative security. controls the ability of a Web browser control to run in a Windows Presentation Foundation (WPF) application. The scope of the declaration that is allowed depends on the that is used. - -The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class, . -This class is not typically used in XAML. +[!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] ]]> @@ -96,7 +91,7 @@ This class is not typically used in XAML. One of the values. Initializes a new instance of the class with the specified . - Members of this class are either not typically used in XAML, or cannot be used in XAML. + To be added. @@ -131,19 +126,7 @@ This class is not typically used in XAML. Creates and returns a new instance of the class. A corresponding to the security declaration. - - method is called by the security system, not by application code. - -The security information described by is stored in the metadata of the attribute target, which is the class to which is applied. The system accesses the information at run time. The system uses the returned by to convert the security information of the attribute target to a serializable form stored in metadata. - -Members of this class are either not typically used in XAML, or cannot be used in XAML. - - ]]> - + To be added. diff --git a/xml/System.Security.Permissions/WebBrowserPermissionLevel.xml b/xml/System.Security.Permissions/WebBrowserPermissionLevel.xml index d797d1ec163..63520d8c1ec 100644 --- a/xml/System.Security.Permissions/WebBrowserPermissionLevel.xml +++ b/xml/System.Security.Permissions/WebBrowserPermissionLevel.xml @@ -52,14 +52,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - Use this enumeration to set the property of the class. - - The Safe permission level restricts the following Web browser operations. - -- A pop-up window cannot be created over the Web browser control. -- The Web browser control can only be navigated to its site of origin. -- The security settings of the Web browser control are reduced. - ]]> diff --git a/xml/System.Security.Permissions/ZoneIdentityPermission.xml b/xml/System.Security.Permissions/ZoneIdentityPermission.xml index 80a8bbfc9d9..7ee32aff77f 100644 --- a/xml/System.Security.Permissions/ZoneIdentityPermission.xml +++ b/xml/System.Security.Permissions/ZoneIdentityPermission.xml @@ -47,21 +47,6 @@ [!INCLUDE[cas-deprecated](~/includes/cas-deprecated.md)] - This permission can determine whether calling code is from a certain zone. Zones are configured according to the Internet options, and are mapped from URL by IInternetSecurityManager and related APIs. Only exact zone matches are defined for the permission; a URL can only belong to one zone. - -- Local intranet zone: The Local intranet zone is used for content located on a company's intranet. Because the servers are within a company's firewall, content on the intranet is assigned a higher level of trust. - -- Trusted sites zone: The Trusted sites zone is used for content located on Web sites that are considered more reputable or trustworthy than other sites on the Internet. Users can use this zone to assign a higher level of trust to specific Internet sites. The URLs of these trusted Web sites need to be mapped into this zone by the user. By default, sites in the Trusted sites zone receive no higher trust than those in the Internet zone. A user or company needs to change the level of trust granted to this zone if they want the sites it contains to be given a higher level of trust. - -- Internet zone: The Internet zone is used for the Web sites on the Internet that do not belong to another zone. The default settings allow code downloaded from these sites only minimal access to resources on the user's computer. Web sites that are not mapped into other zones automatically fall into this zone. - -- Restricted sites zone: The Restricted sites zone is used for Web sites that contain content that could cause, or could have previously caused, problems when downloaded. This zone could be used to prevent code downloaded from these sites from running on the user's computer. The URLs of these untrusted Web sites need to be mapped into this zone by the user. - -- Local Machine zone: The Local Machine zone is an implicit zone that is used for content that exists on the user's computer. The content found on the user's computer, except for content cached by Internet Explorer on the local system, is treated with a very high level of trust. - -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions are not used. - ]]> @@ -112,19 +97,7 @@ One of the values. Initializes a new instance of the class with the specified . - - [!NOTE] -> In the .NET Framework versions 1.0 and 1.1, identity permissions cannot have an permission state value. Starting with the .NET Framework version 2.0, identity permissions can have any permission state value. This means that in 2.0 and later versions, identity permissions have the same behavior as permissions that implement the interface. That is, a demand for an identity always succeeds, regardless of the identity of the assembly, if the assembly has been granted full trust. - - In the .NET Framework versions 1.0 and 1.1, demands on the identity permissions are effective, even when the calling assembly is fully trusted. That is, although the calling assembly has full trust, a demand for an identity permission fails if the assembly does not meet the demanded criteria. Starting with the .NET Framework version 2.0, demands for identity permissions are ineffective if the calling assembly has full trust. This assures consistency for all permissions, eliminating the treatment of identity permissions as a special case. - - ]]> - + To be added. The parameter is not a valid value of . @@ -198,14 +171,7 @@ Creates and returns an identical copy of the current permission. A copy of the current permission. - - - + To be added. @@ -290,16 +256,7 @@ A permission to intersect with the current permission. It must be of the same type as the current permission. Creates and returns a permission that is the intersection of the current permission and the specified permission. A new permission that represents the intersection of the current permission and the specified permission. This new permission is if the intersection is empty. - - objects is the same permission. Any other combination results in a permission that is `null`. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. @@ -341,14 +298,7 @@ Determines whether the current permission is a subset of the specified permission. if the current permission is a subset of the specified permission; otherwise, . - - security zone. - - ]]> - + To be added. The parameter is not , this permission does not represent the security zone, and the specified permission is not equal to the current permission. @@ -463,16 +413,7 @@ A permission to combine with the current permission. It must be of the same type as the current permission. Creates a permission that is the union of the current permission and the specified permission. A new permission that represents the union of the current permission and the specified permission. - - is a permission that represents the security zone represented by both the current permission and the specified permission. Any demand that passes either permission passes their union. The union of two identical objects is the same permission. The union of a null permission and a permission is the permission that is not null. - - Note that a object representing a security zone is treated as a null permission and handled as a special case. The union of a object representing the security zone and a null permission is null. The union of two different zone identity permissions results in an exception being thrown when neither of the two permissions represents the security zone. - - ]]> - + To be added. The parameter is not and is not of the same type as the current permission. -or- diff --git a/xml/System.Security.Permissions/ZoneIdentityPermissionAttribute.xml b/xml/System.Security.Permissions/ZoneIdentityPermissionAttribute.xml index 5a974634a0b..bc4a827eac6 100644 --- a/xml/System.Security.Permissions/ZoneIdentityPermissionAttribute.xml +++ b/xml/System.Security.Permissions/ZoneIdentityPermissionAttribute.xml @@ -45,19 +45,12 @@ Allows security actions for to be applied to code using declarative security. This class cannot be inherited. - that is used. - -> [!IMPORTANT] -> Starting with .NET Framework 4, identity permissions are not used. - - The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class. - ]]> @@ -136,16 +129,7 @@ Creates and returns a new . A that corresponds to this attribute. - - - + To be added. From d2533b1a824dc30c988324d0d6858740a0b83172 Mon Sep 17 00:00:00 2001 From: Genevieve Warren <24882762+gewarren@users.noreply.github.com> Date: Fri, 29 May 2026 14:54:04 -0700 Subject: [PATCH 2/2] remove unwanted addition --- .../KeyContainerPermissionAttribute.xml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml b/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml index 5be6d5a26ac..b800dc75484 100644 --- a/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml +++ b/xml/System.Security.Permissions/KeyContainerPermissionAttribute.xml @@ -204,16 +204,6 @@ - ]]> - - - - - - - - - Property