System.Data.SqlClient.SqlClientPermission Class

Enables the .NET Framework Data Provider for SQL Server to help make sure that a user has a security level sufficient to access a data source.

See Also: SqlClientPermission Members


public sealed class SqlClientPermission : System.Data.Common.DBDataPermission


The System.Data.Common.DBDataPermission.IsUnrestricted property takes precedence over the System.Data.Common.DBDataPermission.AllowBlankPassword property. Therefore, if you set System.Data.Common.DBDataPermission.AllowBlankPassword to false, you must also set System.Data.Common.DBDataPermission.IsUnrestricted to false to prevent a user from making a connection using a blank password.


When using code access security permissions for ADO.NET, the correct pattern is to start with the most restrictive case (no permissions at all) and then add the specific permissions that are needed for the particular task that the code needs to perform. The opposite pattern, starting with all permissions and then denying a specific permission, is not secure, because there are many ways of expressing the same connection string. For example, if you start with all permissions and then attempt to deny the use of the connection string "server=someserver", the string "" would still be allowed. By always starting by granting no permissions at all, you reduce the chances that there are holes in the permission set.


Namespace: System.Data.SqlClient
Assembly: System.Data (in System.Data.dll)
Assembly Versions: 1.0.3300.0, 1.0.5000.0,