From time to time, it will be necessary to implement your own custom permissions. This will most likely come about because your code has created a new form of resource to which access must be policed.
For example, you might be controlling access to some new external hardware device. For the purposes of illustration, we're going to assume the device is a toaster. The managed code that will provide access to the toaster needs to provide methods to determine the presence of bread, its current “toasted” level, eject the bread, and so on.
Listing 25.1 is a simplified model of the Toaster class, along with some possible security declarations we may use to control access to the toaster resource.