I had a question today, being asked if one can modify the "Limited Access" permission level in SharePoint 2010. The goal was to remove the "Browse User Information" permission from the "Limited Access" level.
Without taking responsibility for the mess the code will produce , like not being able to pick users from the user picker control, yes, it is possible to do it through the Object Model, the snippet is fairly simple:
//get the limited access permission level from the web SPRoleDefinition limitedAccessRole = web.RoleDefinitions["Limited Access"]; //get the permissions associated with this permission level SPBasePermissions limitedAccessPermissions = limitedAccessRole.BasePermissions; //remove the "Browse User Information" permission from the permissions limitedAccessPermissions = limitedAccessPermissions ^ SPBasePermissions.BrowseUserInfo; //assign the permissions again to the "Limited Access" permision level limitedAccessRole.BasePermissions = limitedAccessPermissions; //update limitedAccessRole.Update();
Again, please do this on your own responsibility, "Full access" and "Limited Access" are not made "read only" in the SharePoint user interface without a good reason.