Host Policy level Permission Sets and their permissions

Published Mar 23 2019 04:15 AM 65 Views
Microsoft
First published on MSDN on Mar 30, 2006

While there is guidance on how to use the various permission sets - SAFE, EXTERNAL_ACCESS, UNSAFE , a list of the various permissions granted in these three helps clear their definitions.


SAFE:
Code that has this permission set is only allowed to execute and use context connections.


EXTERNAL_ACCESS:
Code that has been granted external_access can access system resources and go over the wire. Code can do distributed transactions, ping, make connections, request DNS information, read internet resources, read and write key containers and certificates, read and write environment variables, files, folders and registry keys and register and respond to events. Code is not only allowed to execute but also assert for callers to bear adequate permissions and impersonate.


UNSAFE:
In addition to all of the above, it allows calling unmanaged code.

Version history
Last update:
‎Mar 23 2019 04:15 AM
Updated by: