Compartilhar via


Allowed Usage and Security Risks 

The allowed usage specified by the IsolatedStorageFilePermission determines the degree to which code will be allowed to create and use isolated storage. The following table shows how the allowed usage specified in the permission corresponds to types of isolation and summarizes the security risks associated with each allowed usage.

Allowed usage Isolation types Security impact

None

No isolated storage use is allowed.

There is no security impact.

DomainIsolationByUser

Isolation by user, domain, and assembly. Each assembly has a separate substore within the domain. Stores using this permission are also implicitly isolated by computer.

This permission level leaves resources open to unauthorized overuse, although enforced quotas make it more difficult. This is called a denial of service attack.

DomainIsolationByRoamingUser

Same as previous, but store is saved to a location that will roam if roaming user profiles are enabled and quotas are not enforced.

Because quotas must be disabled, storage resources are more vulnerable to a denial of service attack.

AssemblyIsolationByUser

Isolation by user and assembly. Stores using this permission are also implicitly isolated by computer.

Quotas are enforced at this level to help prevent a denial of service attack. The same assembly in another domain can access this store, opening the possibility that information could be leaked between applications.

AssemblyIsolationByRoamingUser

Same as previous, but store is saved to a location that will roam if roaming user profiles are enabled and quotas are not enforced.

Same as previous, but without quotas, the risk of a denial of service attack increases.

AdministerIsolatedStorageByUser

Isolation by user. Typically, only administrative or debugging tools use this level of permission.

Access with this permission allows code to view or delete any of a user's isolated storage files or directories (regardless of assembly isolation). Risks include, but are not limited to, leaking information and data loss.

UnrestrictedIsolatedStorage

Isolation by all users, domains, and assemblies. Typically, only administrative or debugging tools use this level of permission.

This permission creates the potential for a total compromise of all isolated stores for all users.

See Also

Concepts

Securing Isolated Storage
Isolation by User and Assembly
Isolation by User, Domain, and Assembly