AllowPartiallyTrustedCallersAttribute クラス
定義
重要
一部の情報は、リリース前に大きく変更される可能性があるプレリリースされた製品に関するものです。 Microsoft は、ここに記載されている情報について、明示または黙示を問わず、一切保証しません。
部分的に信頼されたコードによってアセンブリを呼び出すことができます。 この宣言がないと、完全に信頼された呼び出し元のみがアセンブリを使用できます。 このクラスは継承できません。
public ref class AllowPartiallyTrustedCallersAttribute sealed : Attribute[System.AttributeUsage(System.AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)]
public sealed class AllowPartiallyTrustedCallersAttribute : Attribute[System.AttributeUsage(System.AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)]
[System.Runtime.InteropServices.ComVisible(true)]
public sealed class AllowPartiallyTrustedCallersAttribute : Attribute[<System.AttributeUsage(System.AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)>]
type AllowPartiallyTrustedCallersAttribute = class
inherit Attribute[<System.AttributeUsage(System.AttributeTargets.Assembly, AllowMultiple=false, Inherited=false)>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type AllowPartiallyTrustedCallersAttribute = class
inherit AttributePublic NotInheritable Class AllowPartiallyTrustedCallersAttribute
Inherits Attribute- 継承
- 属性
例
次の例は、AllowPartiallyTrustedCallersAttribute クラスの使用方法を示しています。
// The following HTML code can be used to call the user control in this sample.
//
// <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
// height="300" style="font-size:12;">
// To run this test control you must create a strong name key, snkey.snk, and
// a code group that gives full trust to assemblies signed with snkey.snk.
// The user control displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
// Caution This sample demonstrates the use of the Assert method. Calling Assert removes the
// requirement that all code in the call chain must be granted permission to access the specified
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
// it should be used with great caution. Assert should always be followed with a RevertAssert
// command to restore the security settings.
#using <System.Windows.Forms.dll>
#using <System.Data.dll>
#using <System.Drawing.dll>
#using <System.dll>
using namespace System;
using namespace System::Collections;
using namespace System::ComponentModel;
using namespace System::Drawing;
using namespace System::Data;
using namespace System::Windows::Forms;
using namespace System::IO;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::Reflection;
using namespace System::Runtime::CompilerServices;
// This strong name key is used to create a code group that gives permissions to this assembly.
// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
// The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
[assembly:AssemblyKeyFile("snKey.snk")];
[assembly:AssemblyVersion("1.0.0.0")];
[assembly:AllowPartiallyTrustedCallers];
public ref class UserControl1: public System::Windows::Forms::UserControl
{
private:
System::Windows::Forms::TextBox^ textBox1;
System::Windows::Forms::ListBox^ listBox1;
// Required designer variable.
System::ComponentModel::Container^ components;
public:
// Demand the zone requirement for the calling application.
[ZoneIdentityPermission(SecurityAction::Demand, Zone = SecurityZone::Intranet)]
UserControl1()
{
// This call is required by the Windows.Forms Form Designer.
InitializeComponent();
// The OpenFileDialog box should not require any special permissions.
OpenFileDialog^ fileDialog = gcnew OpenFileDialog;
if ( fileDialog->ShowDialog() == DialogResult::OK )
{
// Reading the name of the selected file from the OpenFileDialog box
// and reading the file requires FileIOPermission. The user control should
// have this permission granted through its code group; the Web page that calls the
// control should not have this permission. The Assert command prevents a stack walk
// that would fail because the caller does not have the required FileIOPermission.
// The use of Assert can open up security vulnerabilities if used incorrectly or
// inappropriately. Therefore, it should be used with great caution.
// The Assert command should be followed by a RevertAssert as soon as the file operation
// is completed.
(gcnew FileIOPermission( PermissionState::Unrestricted ))->Assert();
textBox1->Text = fileDialog->FileName;
// Display the contents of the file in the text box.
FileStream^ fsIn = gcnew FileStream( textBox1->Text,FileMode::Open,FileAccess::Read,FileShare::Read );
StreamReader^ sr = gcnew StreamReader( fsIn );
// Process every line in the file
for ( String ^ Line = sr->ReadLine(); Line != nullptr; Line = sr->ReadLine() )
{
listBox1->Items->Add( Line );
}
// file operations.
FileIOPermission::RevertAssert();
}
}
private:
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
void InitializeComponent()
{
this->textBox1 = gcnew System::Windows::Forms::TextBox;
this->listBox1 = gcnew System::Windows::Forms::ListBox;
this->SuspendLayout();
//
// textBox1
//
this->textBox1->Location = System::Drawing::Point( 208, 112 );
this->textBox1->Name = "textBox1";
this->textBox1->Size = System::Drawing::Size( 320, 20 );
this->textBox1->TabIndex = 0;
this->textBox1->Text = "textBox1";
this->textBox1->TextChanged += gcnew System::EventHandler( this,&UserControl1::textBox1_TextChanged );
//
// listBox1
//
this->listBox1->Location = System::Drawing::Point( 200, 184 );
this->listBox1->Name = "listBox1";
this->listBox1->Size = System::Drawing::Size( 336, 108 );
this->listBox1->TabIndex = 1;
//
// UserControl1
//
this->Controls->Add( this->listBox1 );
this->Controls->Add( this->textBox1 );
this->Name = "UserControl1";
this->Size = System::Drawing::Size( 592, 400 );
this->Load += gcnew System::EventHandler( this,&UserControl1::UserControl1_Load );
this->ResumeLayout( false );
}
void UserControl1_Load( Object^ /*sender*/, System::EventArgs^ /*e*/ ){}
void textBox1_TextChanged( Object^ /*sender*/, System::EventArgs^ /*e*/ ){}
};
// The following HTML code can be used to call the user control in this sample.
//
// <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
// height="300" style="font-size:12;">
// To run this test control you must create a strong name key, snkey.snk, and
// a code group that gives full trust to assemblies signed with snkey.snk.
// The user control displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
// Caution This sample demonstrates the use of the Assert method. Calling Assert removes the
// requirement that all code in the call chain must be granted permission to access the specified
// resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
// it should be used with great caution. Assert should always be followed with a RevertAssert
// command to restore the security settings.
using System;
using System.Collections;
using System.ComponentModel;
using System.Drawing;
using System.Data;
using System.Windows.Forms;
using System.IO;
using System.Security;
using System.Security.Permissions;
using System.Reflection;
using System.Runtime.CompilerServices;
// This strong name key is used to create a code group that gives permissions to this assembly.
[assembly: AssemblyKeyFile("snKey.snk")]
[assembly: AssemblyVersion("1.0.0.0")]
// The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
// This attribute is necessary since the control is called by either an intranet or Internet
// Web page that should be running under restricted permissions.
[assembly:AllowPartiallyTrustedCallers]
namespace UserControl
{
// The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of
// the file selected and a list box that displays the contents of the file. The selected file must
// contain text in order for the control to display the data properly.
public class UserControl1 : System.Windows.Forms.UserControl
{
private System.Windows.Forms.TextBox textBox1;
private System.Windows.Forms.ListBox listBox1;
// Required designer variable.
private System.ComponentModel.Container components = null;
// Demand the zone requirement for the calling application.
[ZoneIdentityPermission(SecurityAction.Demand, Zone = SecurityZone.Intranet)]
public UserControl1()
{
// This call is required by the Windows.Forms Form Designer.
InitializeComponent();
// The OpenFileDialog box should not require any special permissions.
OpenFileDialog fileDialog = new OpenFileDialog();
if(fileDialog.ShowDialog() == DialogResult.OK)
{
// Reading the name of the selected file from the OpenFileDialog box
// and reading the file requires FileIOPermission. The user control should
// have this permission granted through its code group; the Web page that calls the
// control should not have this permission. The Assert command prevents a stack walk
// that would fail because the caller does not have the required FileIOPermission.
// The use of Assert can open up security vulnerabilities if used incorrectly or
// inappropriately. Therefore, it should be used with great caution.
// The Assert command should be followed by a RevertAssert as soon as the file operation
// is completed.
new FileIOPermission(PermissionState.Unrestricted).Assert();
textBox1.Text = fileDialog.FileName;
// Display the contents of the file in the text box.
FileStream fsIn = new FileStream(textBox1.Text, FileMode.Open, FileAccess.Read,
FileShare.Read);
StreamReader sr = new StreamReader(fsIn);
// Process every line in the file
for (String Line = sr.ReadLine(); Line != null; Line = sr.ReadLine())
{
listBox1.Items.Add(Line);
}
// It is very important to call RevertAssert to restore the stack walk for
// file operations.
FileIOPermission.RevertAssert();
}
}
// Clean up any resources being used.
protected override void Dispose( bool disposing )
{
if( disposing )
{
if( components != null )
components.Dispose();
}
base.Dispose( disposing );
}
#region Component Designer generated code
/// <summary>
/// Required method for Designer support - do not modify
/// the contents of this method with the code editor.
/// </summary>
private void InitializeComponent()
{
this.textBox1 = new System.Windows.Forms.TextBox();
this.listBox1 = new System.Windows.Forms.ListBox();
this.SuspendLayout();
//
// textBox1
//
this.textBox1.Location = new System.Drawing.Point(208, 112);
this.textBox1.Name = "textBox1";
this.textBox1.Size = new System.Drawing.Size(320, 20);
this.textBox1.TabIndex = 0;
this.textBox1.Text = "textBox1";
this.textBox1.TextChanged += new System.EventHandler(this.textBox1_TextChanged);
//
// listBox1
//
this.listBox1.Location = new System.Drawing.Point(200, 184);
this.listBox1.Name = "listBox1";
this.listBox1.Size = new System.Drawing.Size(336, 108);
this.listBox1.TabIndex = 1;
//
// UserControl1
//
this.Controls.Add(this.listBox1);
this.Controls.Add(this.textBox1);
this.Name = "UserControl1";
this.Size = new System.Drawing.Size(592, 400);
this.Load += new System.EventHandler(this.UserControl1_Load);
this.ResumeLayout(false);
}
#endregion
private void UserControl1_Load(object sender, System.EventArgs e)
{
}
private void textBox1_TextChanged(object sender, System.EventArgs e)
{
}
}
}
' The following HTML code can be used to call the user control in this sample.
'
' <OBJECT id="usercontrol" classid="usercontrol.dll#UserControl.UserControl1" width="800"
' height="300" style="font-size:12;">
' To run this test control you must create a strong name key, snkey.snk, and
' a code group that gives full trust to assemblies signed with snkey.snk.
' The user control displays an OpenFileDialog box, then displays a text box containing the name of
' the file selected and a list box that displays the contents of the file. The selected file must
' contain text in order for the control to display the data properly.
' Caution This sample demonstrates the use of the Assert method. Calling Assert removes the
' requirement that all code in the call chain must be granted permission to access the specified
' resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore,
' it should be used with great caution. Assert should always be followed with a RevertAssert
' command to restore the security settings.
Imports System.Collections
Imports System.ComponentModel
Imports System.Drawing
Imports System.Data
Imports System.Windows.Forms
Imports System.IO
Imports System.Security
Imports System.Security.Permissions
Imports System.Reflection
Imports System.Runtime.CompilerServices
' This strong name key is used to create a code group that gives permissions to this assembly.
<Assembly: AssemblyKeyFile("snKey.snk")>
<Assembly: AssemblyVersion("1.0.0.0")>
' The AllowPartiallyTrustedCallersAttribute requires the assembly to be signed with a strong name key.
' This attribute is necessary since the control is called by either an intranet or Internet
' Web page that should be running under restricted permissions.
<Assembly: AllowPartiallyTrustedCallers()>
' The userControl1 displays an OpenFileDialog box, then displays a text box containing the name of
' the file selected and a list box that displays the contents of the file. The selected file must
' contain text in order for the control to display the data properly.
'Demand the zone requirement for the calling application.
<ZoneIdentityPermissionAttribute(SecurityAction.Demand, Zone:=SecurityZone.Intranet)> _
Public Class UserControl1
Inherits System.Windows.Forms.UserControl
Private WithEvents textBox1 As System.Windows.Forms.TextBox
Private listBox1 As System.Windows.Forms.ListBox
' Required designer variable.
Private components As System.ComponentModel.Container = Nothing
Public Sub New()
' This call is required by the Windows.Forms Form Designer.
InitializeComponent()
' The OpenFileDialog box should not require any special permissions.
Dim fileDialog As New OpenFileDialog
If fileDialog.ShowDialog() = DialogResult.OK Then
' Reading the name of the selected file from the OpenFileDialog box
' and reading the file requires FileIOPermission. The user control should
' have this permission granted through its code group; the Web page that calls the
' control should not have this permission. The Assert command prevents a stack walk
' that would fail because the caller does not have the required FileIOPermission.
' The use of Assert can open up security vulnerabilities if used incorrectly or
' inappropriately. Therefore, it should be used with great caution.
' The Assert command should be followed by a RevertAssert as soon as the file operation
' is completed.
Dim fileIOPermission As New FileIOPermission(PermissionState.Unrestricted)
fileIOPermission.Assert()
textBox1.Text = fileDialog.FileName
' Display the contents of the file in the text box.
Dim fsIn As New FileStream(textBox1.Text, FileMode.Open, FileAccess.Read, FileShare.Read)
Dim sr As New StreamReader(fsIn)
' Process every line in the file
Dim Line As String
Line = sr.ReadLine()
While Not (Line Is Nothing)
listBox1.Items.Add(Line)
Line = sr.ReadLine()
End While
' It is very important to call RevertAssert to restore the stack walk for
' file operations.
fileIOPermission.RevertAssert()
End If
End Sub
' Clean up any resources being used.
Protected Overloads Sub Dispose(ByVal disposing As Boolean)
If disposing Then
If Not (components Is Nothing) Then
components.Dispose()
End If
End If
MyBase.Dispose(disposing)
End Sub
' Required method for Designer support - do not modify
' the contents of this method with the code editor.
Private Sub InitializeComponent()
Me.textBox1 = New System.Windows.Forms.TextBox
Me.listBox1 = New System.Windows.Forms.ListBox
Me.SuspendLayout()
'
' textBox1
'
Me.textBox1.Location = New System.Drawing.Point(208, 112)
Me.textBox1.Name = "textBox1"
Me.textBox1.Size = New System.Drawing.Size(320, 20)
Me.textBox1.TabIndex = 0
Me.textBox1.Text = "textBox1"
'
' listBox1
'
Me.listBox1.Location = New System.Drawing.Point(200, 184)
Me.listBox1.Name = "listBox1"
Me.listBox1.Size = New System.Drawing.Size(336, 108)
Me.listBox1.TabIndex = 1
'
' UserControl1
'
Me.Controls.Add(listBox1)
Me.Controls.Add(textBox1)
Me.Name = "UserControl1"
Me.Size = New System.Drawing.Size(592, 400)
Me.ResumeLayout(False)
End Sub
Private Sub UserControl1_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles MyBase.Load
End Sub
Private Sub textBox1_TextChanged(ByVal sender As Object, ByVal e As System.EventArgs) Handles textBox1.TextChanged
End Sub
End Class
注釈
大事な
部分的に信頼されたコードはサポートされなくなりました。 この属性は .NET Core には影響しません。
手記
.NET Framework 4 では、AllowPartiallyTrustedCallersAttribute 属性の動作に影響する新しいセキュリティ規則が導入されています (Security-Transparent コード、レベル 2を参照)。 .NET Framework 4 では、すべてのコードが既定でセキュリティ透過的、つまり部分的に信頼されています。 ただし、個々の型とメンバーに注釈を付けて、他の透過性属性を割り当てることができます。 これと他のセキュリティの変更については、「セキュリティの変更
AllowPartiallyTrustedCallersAttribute (APTCA) 属性を効果的に使用するには、.NET Framework バージョン 2.0 () アセンブリに厳密な名前を付ける必要があります。 .NET Framework 4 () アセンブリは、APTCA 属性を有効にするために厳密な名前を付ける必要はありません。また、透過的でセキュリティクリティカルでセキュリティセーフクリティカルなコードを含めることができます。 アセンブリ レベルでの属性の適用の詳細については、「属性の適用」を参照してください。
既定では、厳密な名前を持つアセンブリがこの属性をアセンブリ レベルで明示的に適用しない場合は、完全信頼が付与されている他のアセンブリによってのみ呼び出すことができます。 この制限は、アセンブリ内のすべてのパブリック にアクセスできるクラスのすべてのパブリック メソッドまたは保護されたメソッドに FullTrust の LinkDemand を配置することによって適用されます。 部分的に信頼されたコードによって呼び出されることを意図したアセンブリは、AllowPartiallyTrustedCallersAttributeを使用して意図を宣言できます。 C# での宣言の例は、[assembly:AllowPartiallyTrustedCallers]です。Visual Basic の例は <assembly:AllowPartiallyTrustedCallers>です。
注意
このアセンブリ レベル属性が存在すると、セキュリティ チェック FullTrustLinkDemand 配置する既定の動作が回避され、アセンブリが他の (部分的または完全に信頼された) アセンブリから呼び出し可能になります。
APTCA 属性が存在する場合、他のすべてのセキュリティ チェックは、クラス レベルまたはメソッド レベルの宣言型セキュリティ属性を含め、意図したとおりに機能します。 この属性は、暗黙的で完全に信頼された呼び出し元の要求のみをブロックします。
これは宣言型のセキュリティ属性ではなく、通常の属性です (System.Security.Permissions.SecurityAttributeからではなく、System.Attributeから派生します)。
詳細については、「部分信頼コードからのライブラリの使用の
コンストラクター
| AllowPartiallyTrustedCallersAttribute() |
AllowPartiallyTrustedCallersAttribute クラスの新しいインスタンスを初期化します。 |
プロパティ
| PartialTrustVisibilityLevel |
AllowPartiallyTrustedCallersAttribute (APTCA) 属性でマークされているコードの既定の部分信頼可視性を取得または設定します。 |
| TypeId |
派生クラスで実装されている場合は、この Attributeの一意の識別子を取得します。 (継承元 Attribute) |
メソッド
| Equals(Object) |
このインスタンスが指定したオブジェクトと等しいかどうかを示す値を返します。 (継承元 Attribute) |
| GetHashCode() |
このインスタンスのハッシュ コードを返します。 (継承元 Attribute) |
| GetType() |
現在のインスタンスの Type を取得します。 (継承元 Object) |
| IsDefaultAttribute() |
派生クラスでオーバーライドされた場合、このインスタンスの値が派生クラスの既定値であるかどうかを示します。 (継承元 Attribute) |
| Match(Object) |
派生クラスでオーバーライドされた場合、このインスタンスが指定したオブジェクトと等しいかどうかを示す値を返します。 (継承元 Attribute) |
| MemberwiseClone() |
現在の Objectの簡易コピーを作成します。 (継承元 Object) |
| ToString() |
現在のオブジェクトを表す文字列を返します。 (継承元 Object) |
明示的なインターフェイスの実装
| _Attribute.GetIDsOfNames(Guid, IntPtr, UInt32, UInt32, IntPtr) |
名前のセットを、対応するディスパッチ識別子のセットにマップします。 (継承元 Attribute) |
| _Attribute.GetTypeInfo(UInt32, UInt32, IntPtr) |
インターフェイスの型情報を取得するために使用できるオブジェクトの型情報を取得します。 (継承元 Attribute) |
| _Attribute.GetTypeInfoCount(UInt32) |
オブジェクトが提供する型情報インターフェイスの数を取得します (0 または 1)。 (継承元 Attribute) |
| _Attribute.Invoke(UInt32, Guid, UInt32, Int16, IntPtr, IntPtr, IntPtr, IntPtr) |
オブジェクトによって公開されるプロパティとメソッドへのアクセスを提供します。 (継承元 Attribute) |
適用対象
GitHub で Microsoft と共同作業する
このコンテンツのソースは GitHub にあります。そこで、issue や pull request を作成および確認することもできます。 詳細については、共同作成者ガイドを参照してください。
.NET