views:

125

answers:

1

On the MSDN FileSystemWatcher Class page, it includes an example with the following class attribute:

 [PermissionSet(SecurityAction.Demand, Name="FullTrust")]

What is the purpose of this? When should it be included or not included?

The FileSystemWatcher Class help page is here: http://msdn.microsoft.com/en-us/library/system.io.filesystemwatcher.aspx

+2  A: 

The FileSystemWatcher class has a link demand for unrestricted CAS permissions. This means that it will verify that its direct caller (i.e.: your code if you're consuming the class directly) has unrestricted permissions.

Unfortunately, use of a link demands opens up potential security holes since the permissions of indirect callers (i.e.: code that calls your code) are not verified by a link demand. This means that an indirect caller with restricted permissions may be able to manipulate your highly trusted code into doing something nefarious on its behalf that it would otherwise not have had the permissions to accomplish.

One of the ways to prevent an attack of this sort is to apply a full demand for the same permission to any code that that consumes a type or member with a link demand. This will ensure that any indirect callers will be subjected to the same permission demand, thereby ensuring that they cannot do anything via your code that they would not have been able to do on their own. Application of a fully demand of this type is what is being shown in the MSDN sample code for the FileSystemWatcher.

Nicole Calinoiu
I don't think I understand it well enough yet. The example runs fine without the 'PermissionSet...' line. How does it help the code to have it in? Also what does 'FullTrust' mean? Admin privlidges on the machine or just full access to the file/directory in question?
Jeff
The attribute does not help your code run. Instead, it helps prevent it from running when it should not."FullTrust" refers to unrestricted Code Access Security permissions. This has nothing to do with the permissions granted to the user's account. Code Access Security is an additional security layer provided by .NET that allows one to control permissions granted to running code. For an introduction, see http://msdn.microsoft.com/en-us/library/930b76w0(VS.71).aspx.
Nicole Calinoiu