System.Security.Permissions.FileIOPermissionAttribute Class

Allows security actions for System.Security.Permissions.FileIOPermission to be applied to code using declarative security. This class cannot be inherited.

See Also: FileIOPermissionAttribute Members


[System.AttributeUsage(System.AttributeTargets.Assembly | System.AttributeTargets.Class | System.AttributeTargets.Struct | System.AttributeTargets.Constructor | System.AttributeTargets.Method | System.AttributeTargets.All, AllowMultiple=true, Inherited=false)]
public sealed class FileIOPermissionAttribute : CodeAccessSecurityAttribute


Files and directories are specified using absolute paths. When accessing files, a security check is performed when the file is created or opened. The security check is not done again unless the file is closed and reopened. Checking permissions when the file is first accessed minimizes the impact of the security check on application performance because opening a file happens only once, while reading and writing can happen multiple times.

The scope of the declaration that is allowed depends on the System.Security.Permissions.SecurityAction that is used.

The security information declared by a security attribute is stored in the metadata of the attribute target and is accessed by the system at run time. Security attributes are used only for declarative security. For imperative security, use the corresponding permission class.


Unrestricted System.Security.Permissions.FileIOPermission grants permission for all paths within a file system, including multiple pathnames that can be used to access a single given file. To System.Security.CodeAccessPermission.Deny access to a file, you must Deny all possible paths to the file. For example, if \\server\share is mapped to the network drive X, to Deny access to \\server\share\file, you must Deny \\server\share\file, X:\file and any other path that you can use to access the file.

Thread Safety

All public static members of this type are safe for multithreaded operations. No instance members are guaranteed to be thread safe.


The following example shows a declarative request for full access to the specified file. The SecurityAction.RequestMinimum security action indicates that this is the minimum permission required for the target assembly to be able to execute.

[assembly:FileIOPermissionAttribute(SecurityAction.RequestMinimum, All="\\example\\sample.txt")]

The following example shows how to demand that the calling code has unrestricted access to files and directories. Demands are typically made to protect methods or classes from malicious code.

[FileIOPermissionAttribute(SecurityAction.Demand, Unrestricted=true)]


Namespace: System.Security.Permissions
Assembly: mscorlib (in mscorlib.dll)
Assembly Versions: 1.0.5000.0,,