Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / cdf / src / WCF / System.ServiceModel.Activation / System / ServiceModel / Activation / AspNetPartialTrustHelpers.cs / 1305376 / AspNetPartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. //------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Runtime; using System.Security; using System.Security.Permissions; using System.Threading; using System.Web; static class AspNetPartialTrustHelpers { [Fx.Tag.SecurityNote(Critical = "Caches the PermissionSet associated with the asp.net trust level." + "This will not change over the life of the AppDomain.")] [SecurityCritical] static SecurityContext aspNetSecurityContext; [Fx.Tag.SecurityNote(Critical = "If erroneously set to true, could bypass the PermitOnly.")] [SecurityCritical] static bool isInitialized; [Fx.Tag.SecurityNote(Miscellaneous = "RequiresReview - determines if the given PermissionSet is full trust." + "We will base subsequent security decisions on this.")] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { [Fx.Tag.SecurityNote(Critical = "Makes a security sensitive decision, updates aspNetSecurityContext and isInitialized.", Safe = "Ok to know whether the ASP app is partial trust.")] [SecuritySafeCritical] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = GetHttpRuntimeNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = System.Runtime.PartialTrustHelpers.CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } [Fx.Tag.SecurityNote(Critical = "Asserts AspNetHostingPermission.")] [SecurityCritical] [AspNetHostingPermission(SecurityAction.Assert, Level=AspNetHostingPermissionLevel.Unrestricted)] static NamedPermissionSet GetHttpRuntimeNamedPermissionSet() { return HttpRuntime.GetNamedPermissionSet(); } [Fx.Tag.SecurityNote(Critical = "Touches aspNetSecurityContext.", Safe = "Ok to invoke the user's delegate under the PT context.")] [SecuritySafeCritical] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- Context.cs
- TemplateEditingVerb.cs
- HttpCookiesSection.cs
- ScrollChrome.cs
- ContentFilePart.cs
- ContentPlaceHolderDesigner.cs
- COM2ExtendedTypeConverter.cs
- MimeBasePart.cs
- EnterpriseServicesHelper.cs
- EventLogPermissionEntry.cs
- RemotingConfiguration.cs
- TypeTypeConverter.cs
- LocalValueEnumerator.cs
- RequestTimeoutManager.cs
- SocketCache.cs
- SystemInformation.cs
- ResourceDescriptionAttribute.cs
- UIElementParaClient.cs
- HttpCapabilitiesBase.cs
- AuthorizationRuleCollection.cs
- SByteStorage.cs
- AnnotationComponentManager.cs
- DocumentPageViewAutomationPeer.cs
- ConfigXmlText.cs
- WeakReferenceList.cs
- TextEffect.cs
- StyleSelector.cs
- GradientPanel.cs
- EncryptedXml.cs
- FormatConvertedBitmap.cs
- RewritingPass.cs
- NativeMethods.cs
- FontStretches.cs
- SwitchLevelAttribute.cs
- IOThreadTimer.cs
- SafeBitVector32.cs
- WebConfigurationHostFileChange.cs
- Scene3D.cs
- ServiceDesigner.cs
- BitmapSourceSafeMILHandle.cs
- ResourceDisplayNameAttribute.cs
- WhitespaceSignificantCollectionAttribute.cs
- ScriptResourceHandler.cs
- LogLogRecord.cs
- GridLengthConverter.cs
- MaterialGroup.cs
- AsyncPostBackTrigger.cs
- IdnElement.cs
- WebControlAdapter.cs
- NumericExpr.cs
- HitTestWithGeometryDrawingContextWalker.cs
- OrCondition.cs
- SQLCharsStorage.cs
- AccessKeyManager.cs
- XPathEmptyIterator.cs
- Encoder.cs
- MessageQueueKey.cs
- Viewport3DAutomationPeer.cs
- FixedPageStructure.cs
- Label.cs
- HttpProfileGroupBase.cs
- MetadataItemEmitter.cs
- FileEnumerator.cs
- ACE.cs
- DnsPermission.cs
- PeerNearMe.cs
- HttpApplicationFactory.cs
- TagPrefixAttribute.cs
- HttpListenerRequestUriBuilder.cs
- SpecialNameAttribute.cs
- GlyphRun.cs
- Util.cs
- ConfigXmlReader.cs
- LineSegment.cs
- RegistryPermission.cs
- HostProtectionPermission.cs
- SecurityTokenTypes.cs
- SafeNativeMethodsMilCoreApi.cs
- EncoderParameter.cs
- DataPager.cs
- FileUtil.cs
- SafeLibraryHandle.cs
- InitializeCorrelation.cs
- WindowsScrollBarBits.cs
- WebMessageEncoderFactory.cs
- EFColumnProvider.cs
- ListViewSortEventArgs.cs
- CodePageEncoding.cs
- Hash.cs
- PasswordRecovery.cs
- SQLUtility.cs
- TimeSpanSecondsConverter.cs
- Lasso.cs
- UIElementCollection.cs
- ResponseStream.cs
- SqlParameterizer.cs
- DataGridRow.cs
- MSAANativeProvider.cs
- SystemIcmpV4Statistics.cs
- XmlSignatureManifest.cs