Skip to content

Access Rights

The 'AccessRights' Class Property

To protect our users from malware code we run every cBot or indicator in a sandboxed environment.

As a result, cBots and indicators must declare their required access rights via the AccessRights class property as shown below.

[Robot(AccessRights = AccessRights.None)]
public class SampleSARTrailingStop : Robot
[Indicator(AccessRights = AccessRights.FullAccess)]
public class SampleEMA :

The boundary values for the AccessRights property are as follows.

  • None. The extension only has access to the platform-provided API data. It will not be able to access anything outside the platform.
  • FullAccess. The extension has unlimited access rights. It can access the Internet, read/write files, and run other executables, etc. It can also import WinApi functions, use .NET reflection, and create windows.

Please, consult our references library for a full list of the values that the AccessRights class property can take. As shown below, it is possible to combine access rights when defining new classes.

  [Indicator(TimeZone = TimeZones.UTC, AccessRights = AccessRights.Internet | AccessRights.Registry)]
  public class MyIndicator : Indicator

In case AccessRights.FullAccess is declared, the following window will be shown when running an instance of the cBot/indicator in question.

Image title

Security Exception

If your cBot/indicator attempts to perform a restricted action, the code will throw a security exception.

For example, a cBot with AccessRights.None tried to read from a text file, it will be stopped and the following message will appear in the log.

Crashed in OnStart with SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

The surest way to avoid this exception is to declare AccessRights.None for all your extension unless you plan on distributing them to other traders.

When sharing or selling your cBots/indicators, we highly recommend setting the value of the AccessRights parameter to None.

Last update: December 5, 2022