Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / TrustUi / MS / Internal / documents / Application / CriticalFileToken.cs / 1 / CriticalFileToken.cs
//------------------------------------------------------------------------------ //// Copyright (C) Microsoft Corporation. All rights reserved. // //// The CriticalFileToken class ensures file represented is the one the // user has authorized us to manipulate. // // // History: // 08/28/2005: [....]: Initial implementation. //----------------------------------------------------------------------------- using System; using System.Security; using System.Security.Permissions; using MS.Internal.PresentationUI; namespace MS.Internal.Documents.Application { ////// The CriticalFileToken class ensures file represented is the one the /// user has authorized us to manipulate. /// ////// Responsibility: /// Allow XpsViewer to safely pass around information on which file the user /// has authorized us to manipulate on thier behalf. Ensure that the creator /// of the object has the privledge to manipulate the file represented. /// /// Design Comments: /// Many classes need to perform privledged operations files on behalf of the /// user. However only DocObjHost and FilePresentation can assert it is user /// sourced data. /// /// As such we need them to create this 'token' which will will use as the only /// source of authoritative information for which files we are manipulating. /// /// As any SecurityCritical code can create SecurityCriticalData, we add the /// demand for FileIOPermission that represents the rights that will be asserted /// for in conjuction with this data. /// [FriendAccessAllowed] internal sealed class CriticalFileToken { #region Constructors //------------------------------------------------------------------------- // Constructors //------------------------------------------------------------------------- ////// Critical: /// - as this sets the _location which is Critical. /// TreatAsSafe: /// - the caller already has the value /// - the caller must satisfy the demand which this token grants /// [SecurityCritical, SecurityTreatAsSafe] internal CriticalFileToken(Uri location) { string path = location.LocalPath; new FileIOPermission( FileIOPermissionAccess.Read | FileIOPermissionAccess.Write, path) .Demand(); _location = location; } #endregion Constructors #region Object Members //-------------------------------------------------------------------------- // Object Members //------------------------------------------------------------------------- ////// Compares the values. /// ///True if they are equal. ////// Critical: /// - accesses _location /// TreatAsSafe: /// - does not leak information, simple compares to values the caller /// already had /// [SecurityCritical, SecurityTreatAsSafe] public static bool operator ==(CriticalFileToken a, CriticalFileToken b) { bool result = false; if (((object)a) == null) { if (((object)b) == null) { result = true; } } else { if (((object)b) != null) { result = a._location.ToString().Equals( b._location.ToString(), StringComparison.OrdinalIgnoreCase); } } return result; } ////// Compares the values. /// public static bool operator !=(CriticalFileToken a, CriticalFileToken b) { return !(a==b); } ////// Compares the values. /// public override bool Equals(object obj) { return (this == (obj as CriticalFileToken)); } ////// See Object.GetHashCode(); /// public override int GetHashCode() { return base.GetHashCode(); } #endregion Object Members #region Internal Properties //-------------------------------------------------------------------------- // Internal Properties //-------------------------------------------------------------------------- ////// The location for which the creator satisfied ReadWrite access. /// ////// Critical: /// - the location is sensitive data; it could leak information /// about the system; file structure, OS and user. /// internal Uri Location { [SecurityCritical] get { return _location; } } #endregion Internal Properties #region Private Fields //------------------------------------------------------------------------- // Private Fields //-------------------------------------------------------------------------- ////// Critical - by definition as this is a wrapper for Critical data. /// [SecurityCritical] private Uri _location; #endregion Private Fields } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu

This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- HashRepartitionEnumerator.cs
- VisualProxy.cs
- CodeAttachEventStatement.cs
- Missing.cs
- TreeNodeStyleCollection.cs
- EndpointInfoCollection.cs
- GroupBoxAutomationPeer.cs
- SqlDependencyListener.cs
- DataListCommandEventArgs.cs
- HiddenField.cs
- ModelChangedEventArgsImpl.cs
- XmlSchemaAnyAttribute.cs
- SemaphoreSecurity.cs
- Wrapper.cs
- DoWorkEventArgs.cs
- MappingException.cs
- PagesChangedEventArgs.cs
- NamedPipeTransportBindingElement.cs
- BrowsableAttribute.cs
- AdornedElementPlaceholder.cs
- safex509handles.cs
- NotSupportedException.cs
- SendMailErrorEventArgs.cs
- HttpFileCollectionWrapper.cs
- CompilerLocalReference.cs
- DiscreteKeyFrames.cs
- PolyBezierSegmentFigureLogic.cs
- CodeChecksumPragma.cs
- WebScriptMetadataFormatter.cs
- GenericTypeParameterBuilder.cs
- ImageButton.cs
- ProxyElement.cs
- TreeNodeClickEventArgs.cs
- DashStyle.cs
- ColorMatrix.cs
- Geometry3D.cs
- XmlReflectionMember.cs
- SymLanguageType.cs
- NotifyCollectionChangedEventArgs.cs
- HttpHandlerAction.cs
- TextDecorationUnitValidation.cs
- EntityKey.cs
- FormatConvertedBitmap.cs
- EventLogEntryCollection.cs
- MouseGestureConverter.cs
- DiscoveryDocumentSearchPattern.cs
- SortedDictionary.cs
- SynchronizingStream.cs
- TextRangeEdit.cs
- ProjectedSlot.cs
- ToolBarButton.cs
- Positioning.cs
- CodeCastExpression.cs
- AssemblyBuilderData.cs
- LinqToSqlWrapper.cs
- InternalsVisibleToAttribute.cs
- PrintPreviewControl.cs
- TableLayoutSettings.cs
- ThicknessAnimationBase.cs
- ExpandableObjectConverter.cs
- IconBitmapDecoder.cs
- TextBoxDesigner.cs
- PropertyInfoSet.cs
- StorageEntityTypeMapping.cs
- RootBuilder.cs
- ExpressionVisitor.cs
- GlyphRunDrawing.cs
- PrefixQName.cs
- Crc32.cs
- CustomErrorCollection.cs
- PrintingPermission.cs
- PolyBezierSegment.cs
- ActivationServices.cs
- EnumUnknown.cs
- XhtmlBasicPhoneCallAdapter.cs
- UnmanagedMarshal.cs
- UserControlParser.cs
- ConfigurationFileMap.cs
- PriorityBindingExpression.cs
- ResolvedKeyFrameEntry.cs
- BoolExpressionVisitors.cs
- XmlException.cs
- GPPOINTF.cs
- COM2PropertyPageUITypeConverter.cs
- ToolStripDropTargetManager.cs
- HighlightVisual.cs
- XmlSchemaNotation.cs
- HealthMonitoringSectionHelper.cs
- SqlBooleanizer.cs
- Table.cs
- XmlAttribute.cs
- GetBrowserTokenRequest.cs
- FlowDocumentFormatter.cs
- WebPartConnectionsDisconnectVerb.cs
- JavaScriptSerializer.cs
- SQLChars.cs
- XmlSchemaSubstitutionGroup.cs
- SspiNegotiationTokenProviderState.cs
- PartManifestEntry.cs
- DataSourceSelectArguments.cs