Code:
/ Dotnetfx_Vista_SP2 / Dotnetfx_Vista_SP2 / 8.0.50727.4016 / DEVDIV / depot / DevDiv / releases / whidbey / NetFxQFE / ndp / clr / src / BCL / System / Security / HostSecurityManager.cs / 1 / HostSecurityManager.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
//
// A HostSecurityManager gives a hosting application the chance to
// participate in the security decisions in the AppDomain.
//
namespace System.Security {
using System.Collections;
using System.Deployment.Internal.Isolation;
using System.Deployment.Internal.Isolation.Manifest;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Runtime.Hosting;
[Flags, Serializable()]
[System.Runtime.InteropServices.ComVisible(true)]
public enum HostSecurityManagerOptions {
None = 0x0000,
HostAppDomainEvidence = 0x0001,
HostPolicyLevel = 0x0002,
HostAssemblyEvidence = 0x0004,
HostDetermineApplicationTrust = 0x0008,
HostResolvePolicy = 0x0010,
AllFlags = 0x001F
}
[Serializable]
[SecurityPermissionAttribute(SecurityAction.LinkDemand, Flags=SecurityPermissionFlag.Infrastructure)]
[SecurityPermissionAttribute(SecurityAction.InheritanceDemand, Flags=SecurityPermissionFlag.Infrastructure)]
[System.Runtime.InteropServices.ComVisible(true)]
public class HostSecurityManager {
public HostSecurityManager () {}
// The host can choose which events he wants to participate in. This property can be set when
// the host only cares about a subset of the capabilities exposed through the HostSecurityManager.
public virtual HostSecurityManagerOptions Flags {
get {
// We use AllFlags as the default.
return HostSecurityManagerOptions.AllFlags;
}
}
// provide policy for the AppDomain.
public virtual PolicyLevel DomainPolicy {
get {
return null;
}
}
public virtual Evidence ProvideAppDomainEvidence (Evidence inputEvidence) {
// The default implementation does not modify the input evidence.
return inputEvidence;
}
public virtual Evidence ProvideAssemblyEvidence (Assembly loadedAssembly, Evidence inputEvidence) {
// The default implementation does not modify the input evidence.
return inputEvidence;
}
#if !FEATURE_PAL
[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted=true)]
public virtual ApplicationTrust DetermineApplicationTrust (Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) {
if (applicationEvidence == null)
throw new ArgumentNullException("applicationEvidence");
// This method looks for a trust decision for the ActivationContext in three locations, in order
// of preference:
//
// 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it
// will be in the applicationEvidence.
// 2. Reuse the ApplicationTrust from the current AppDomain
// 3. Ask the TrustManager for a trust decision
// get the activation context from the application evidence.
// The default HostSecurityManager does not examine the activatorEvidence
// but other security managers could use it to figure out the
// evidence of the domain attempting to activate the application.
IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
ActivationArguments activationArgs = null;
ApplicationTrust appTrust = null;
while (enumerator.MoveNext())
{
if (activationArgs == null)
activationArgs = enumerator.Current as ActivationArguments;
if (appTrust == null)
appTrust = enumerator.Current as ApplicationTrust;
if (activationArgs != null && appTrust != null)
break;
}
if (activationArgs == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
ActivationContext actCtx = activationArgs.ActivationContext;
if (actCtx == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
// Make sure that any ApplicationTrust we find applies to the ActivationContext we're
// creating the new AppDomain for.
if (appTrust != null &&
!CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = null;
}
// If there was not a trust decision supplied in the Evidence, we can reuse the existing trust
// decision from this domain if its identity matches the ActivationContext of the new domain.
// Otherwise consult the TrustManager for a trust decision
if (appTrust == null)
{
if (AppDomain.CurrentDomain.ApplicationTrust != null &&
CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context);
}
}
// If the trust decision allows the application to run, then it should also have a permission set
// which is at least the permission set the application requested.
ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx);
if (appTrust != null &&
appTrust.IsApplicationTrustedToRun &&
!appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return appTrust;
}
#endif //!FEATURE_PAL
public virtual PermissionSet ResolvePolicy (Evidence evidence) {
return SecurityManager.PolicyManager.ResolveHelper(evidence);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
//
// A HostSecurityManager gives a hosting application the chance to
// participate in the security decisions in the AppDomain.
//
namespace System.Security {
using System.Collections;
using System.Deployment.Internal.Isolation;
using System.Deployment.Internal.Isolation.Manifest;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Runtime.Hosting;
[Flags, Serializable()]
[System.Runtime.InteropServices.ComVisible(true)]
public enum HostSecurityManagerOptions {
None = 0x0000,
HostAppDomainEvidence = 0x0001,
HostPolicyLevel = 0x0002,
HostAssemblyEvidence = 0x0004,
HostDetermineApplicationTrust = 0x0008,
HostResolvePolicy = 0x0010,
AllFlags = 0x001F
}
[Serializable]
[SecurityPermissionAttribute(SecurityAction.LinkDemand, Flags=SecurityPermissionFlag.Infrastructure)]
[SecurityPermissionAttribute(SecurityAction.InheritanceDemand, Flags=SecurityPermissionFlag.Infrastructure)]
[System.Runtime.InteropServices.ComVisible(true)]
public class HostSecurityManager {
public HostSecurityManager () {}
// The host can choose which events he wants to participate in. This property can be set when
// the host only cares about a subset of the capabilities exposed through the HostSecurityManager.
public virtual HostSecurityManagerOptions Flags {
get {
// We use AllFlags as the default.
return HostSecurityManagerOptions.AllFlags;
}
}
// provide policy for the AppDomain.
public virtual PolicyLevel DomainPolicy {
get {
return null;
}
}
public virtual Evidence ProvideAppDomainEvidence (Evidence inputEvidence) {
// The default implementation does not modify the input evidence.
return inputEvidence;
}
public virtual Evidence ProvideAssemblyEvidence (Assembly loadedAssembly, Evidence inputEvidence) {
// The default implementation does not modify the input evidence.
return inputEvidence;
}
#if !FEATURE_PAL
[SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted=true)]
public virtual ApplicationTrust DetermineApplicationTrust (Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) {
if (applicationEvidence == null)
throw new ArgumentNullException("applicationEvidence");
// This method looks for a trust decision for the ActivationContext in three locations, in order
// of preference:
//
// 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it
// will be in the applicationEvidence.
// 2. Reuse the ApplicationTrust from the current AppDomain
// 3. Ask the TrustManager for a trust decision
// get the activation context from the application evidence.
// The default HostSecurityManager does not examine the activatorEvidence
// but other security managers could use it to figure out the
// evidence of the domain attempting to activate the application.
IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
ActivationArguments activationArgs = null;
ApplicationTrust appTrust = null;
while (enumerator.MoveNext())
{
if (activationArgs == null)
activationArgs = enumerator.Current as ActivationArguments;
if (appTrust == null)
appTrust = enumerator.Current as ApplicationTrust;
if (activationArgs != null && appTrust != null)
break;
}
if (activationArgs == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
ActivationContext actCtx = activationArgs.ActivationContext;
if (actCtx == null)
throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence"));
// Make sure that any ApplicationTrust we find applies to the ActivationContext we're
// creating the new AppDomain for.
if (appTrust != null &&
!CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = null;
}
// If there was not a trust decision supplied in the Evidence, we can reuse the existing trust
// decision from this domain if its identity matches the ActivationContext of the new domain.
// Otherwise consult the TrustManager for a trust decision
if (appTrust == null)
{
if (AppDomain.CurrentDomain.ApplicationTrust != null &&
CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion))
{
appTrust = AppDomain.CurrentDomain.ApplicationTrust;
}
else
{
appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context);
}
}
// If the trust decision allows the application to run, then it should also have a permission set
// which is at least the permission set the application requested.
ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx);
if (appTrust != null &&
appTrust.IsApplicationTrustedToRun &&
!appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet))
{
throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest"));
}
return appTrust;
}
#endif //!FEATURE_PAL
public virtual PermissionSet ResolvePolicy (Evidence evidence) {
return SecurityManager.PolicyManager.ResolveHelper(evidence);
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- UserControl.cs
- UserControlDocumentDesigner.cs
- HtmlContainerControl.cs
- FieldBuilder.cs
- WizardSideBarListControlItem.cs
- ColorTranslator.cs
- ResourceDescriptionAttribute.cs
- MD5CryptoServiceProvider.cs
- FilterQuery.cs
- CheckBoxPopupAdapter.cs
- NamespaceMapping.cs
- ErrorActivity.cs
- EmptyWithCancelationCheckWorkItem.cs
- ProjectionCamera.cs
- FormatConvertedBitmap.cs
- StateDesigner.cs
- MissingFieldException.cs
- ProfileSection.cs
- GlyphRunDrawing.cs
- Int32Rect.cs
- MessageSecurityProtocol.cs
- PseudoWebRequest.cs
- PropertyDescriptorGridEntry.cs
- TabletCollection.cs
- ReturnEventArgs.cs
- DataGridViewHitTestInfo.cs
- PipelineModuleStepContainer.cs
- SqlRowUpdatingEvent.cs
- HandledMouseEvent.cs
- SelectionChangedEventArgs.cs
- DataGridViewLinkColumn.cs
- X509CertificateClaimSet.cs
- WebBrowsableAttribute.cs
- WindowsListBox.cs
- SqlError.cs
- ReferencedAssembly.cs
- SqlDataSourceSelectingEventArgs.cs
- PrinterSettings.cs
- Debug.cs
- TableRowCollection.cs
- DataSourceXmlClassAttribute.cs
- HtmlElementCollection.cs
- IDataContractSurrogate.cs
- BooleanKeyFrameCollection.cs
- TableDetailsRow.cs
- SerialErrors.cs
- SubqueryRules.cs
- UInt64.cs
- NavigatorOutput.cs
- EmptyControlCollection.cs
- ChannelSinkStacks.cs
- Win32Exception.cs
- ReachDocumentReferenceSerializerAsync.cs
- SynchronizedInputPattern.cs
- ExpressionPrinter.cs
- SubMenuStyleCollection.cs
- RemoteWebConfigurationHostServer.cs
- ZipIOExtraFieldElement.cs
- CngUIPolicy.cs
- AssignDesigner.xaml.cs
- ValidationResult.cs
- DateTime.cs
- ParameterBuilder.cs
- TextParentUndoUnit.cs
- ExternalException.cs
- EndEvent.cs
- CryptoProvider.cs
- WebPartUserCapability.cs
- PropertyInformationCollection.cs
- LinkedResource.cs
- RegexTree.cs
- UnmanagedMemoryStreamWrapper.cs
- ZipIOExtraFieldPaddingElement.cs
- MLangCodePageEncoding.cs
- WindowsEditBox.cs
- BaseCAMarshaler.cs
- ComponentGuaranteesAttribute.cs
- DataFormats.cs
- HtmlInputFile.cs
- FontWeightConverter.cs
- KeyNotFoundException.cs
- PatternMatcher.cs
- DataRowView.cs
- SystemIPv6InterfaceProperties.cs
- BindingsCollection.cs
- ToolStripItem.cs
- EntityException.cs
- FixedSOMElement.cs
- EdmConstants.cs
- ByteBufferPool.cs
- HwndAppCommandInputProvider.cs
- KeyedCollection.cs
- XmlWrappingWriter.cs
- BrowserCapabilitiesCompiler.cs
- Win32Exception.cs
- StatusBarDrawItemEvent.cs
- HitTestWithGeometryDrawingContextWalker.cs
- ValidateNames.cs
- WorkflowOperationContext.cs
- QilTernary.cs