Code:
/ Dotnetfx_Win7_3.5.1 / Dotnetfx_Win7_3.5.1 / 3.5.1 / DEVDIV / depot / DevDiv / releases / whidbey / NetFXspW7 / ndp / clr / src / BCL / System / Security / FrameSecurityDescriptor.cs / 1 / FrameSecurityDescriptor.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
namespace System.Security {
using System.Text;
using System.Runtime.CompilerServices;
using System.Threading;
using System;
using System.Collections;
using System.Security.Permissions;
using System.Globalization;
using System.Runtime.ConstrainedExecution;
#if !FEATURE_PAL
using Microsoft.Win32.SafeHandles;
using System.Security.Principal;
#endif
//FrameSecurityDescriptor.cs
//
// Internal use only.
// DO NOT DOCUMENT
//
[Serializable()]
sealed internal class FrameSecurityDescriptor
{
/* EE has native FrameSecurityDescriptorObject definition in object.h
Make sure to update that structure as well, if you make any changes here.
*/
private PermissionSet m_assertions; // imperative asserts
private PermissionSet m_denials; // imperative denials
private PermissionSet m_restriction; // imperative permitonlys
private PermissionSet m_DeclarativeAssertions;
private PermissionSet m_DeclarativeDenials;
private PermissionSet m_DeclarativeRestrictions;
#if !FEATURE_PAL
// if this frame contains a call to any WindowsIdentity.Impersonate(),
// we save the previous SafeTokenHandles here (in the next two fields)
// Used during exceptionstackwalks to revert impersonation before calling filters
[NonSerialized]
private SafeTokenHandle m_callerToken;
[NonSerialized]
private SafeTokenHandle m_impToken;
#endif
private bool m_AssertFT;
private bool m_assertAllPossible;
#pragma warning disable 169
private bool m_declSecComputed; // set from the VM to indicate that the declarative A/PO/D on this frame has been populated
#pragma warning restore 169
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void IncrementOverridesCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void DecrementOverridesCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void IncrementAssertCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void DecrementAssertCount();
// Default constructor.
internal FrameSecurityDescriptor()
{
//m_flags = 0;
}
//------------------------------------------------------------+
// H E L P E R
//-----------------------------------------------------------+
private PermissionSet CreateSingletonSet(IPermission perm)
{
PermissionSet permSet = new PermissionSet(false);
permSet.AddPermission(perm.Copy());
return permSet;
}
//-----------------------------------------------------------+
// A S S E R T
//-----------------------------------------------------------+
internal bool HasImperativeAsserts()
{
// we store declarative actions in both fields, so check if they are different
return (m_assertions != null);
}
internal bool HasImperativeDenials()
{
// we store declarative actions in both fields, so check if they are different
return (m_denials != null);
}
internal bool HasImperativeRestrictions()
{
// we store declarative actions in both fields, so check if they are different
return (m_restriction != null);
}
internal void SetAssert(IPermission perm)
{
m_assertions = CreateSingletonSet(perm);
IncrementAssertCount();
}
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_assertions.IsUnrestricted());
IncrementAssertCount();
}
internal PermissionSet GetAssertions(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeAssertions : m_assertions;
}
internal void SetAssertAllPossible()
{
m_assertAllPossible = true;
IncrementAssertCount();
}
internal bool GetAssertAllPossible()
{
return m_assertAllPossible;
}
//------------------------------------------------------------+
// D E N Y
//-----------------------------------------------------------+
internal void SetDeny(IPermission perm)
{
m_denials = CreateSingletonSet(perm);
IncrementOverridesCount();
}
internal void SetDeny(PermissionSet permSet)
{
m_denials = permSet.Copy();
IncrementOverridesCount();
}
internal PermissionSet GetDenials(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeDenials: m_denials;
}
//------------------------------------------------------------+
// R E S T R I C T
//------------------------------------------------------------+
internal void SetPermitOnly(IPermission perm)
{
m_restriction = CreateSingletonSet(perm);
IncrementOverridesCount();
}
internal void SetPermitOnly(PermissionSet permSet)
{
// permSet must not be null
m_restriction = permSet.Copy();
IncrementOverridesCount();
}
internal PermissionSet GetPermitOnly(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeRestrictions : m_restriction;
}
#if !FEATURE_PAL
//-----------------------------------------------------------+
// SafeTokenHandle (Impersonation + EH purposes)
//------------------------------------------------------------+
internal void SetTokenHandles (SafeTokenHandle callerToken, SafeTokenHandle impToken)
{
m_callerToken = callerToken;
m_impToken = impToken;
}
#endif
//-----------------------------------------------------------+
// R E V E R T
//-----------------------------------------------------------+
internal void RevertAssert()
{
if (m_assertions != null)
{
m_assertions = null;
DecrementAssertCount();
}
if (m_DeclarativeAssertions != null)
{
m_AssertFT = (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_DeclarativeAssertions.IsUnrestricted());;
}
else
m_AssertFT = false;
}
internal void RevertAssertAllPossible()
{
if (m_assertAllPossible)
{
m_assertAllPossible = false;
DecrementAssertCount();
}
}
internal void RevertDeny()
{
if (HasImperativeDenials())
{
DecrementOverridesCount();
m_denials = null;
}
}
internal void RevertPermitOnly()
{
if (HasImperativeRestrictions())
{
DecrementOverridesCount();
m_restriction= null;;
}
}
internal void RevertAll()
{
RevertAssert();
RevertAssertAllPossible();
RevertDeny();
RevertPermitOnly();
}
//-----------------------------------------------------------+
// Demand Evaluation
//------------------------------------------------------------+
// This will get called when we hit a FSD while evaluating a demand on the call stack or compressedstack
internal bool CheckDemand(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandle rmh)
{
// imperative security
bool fContinue = CheckDemand2(demand, permToken, rmh, false);
if (fContinue == SecurityRuntime.StackContinue)
{
// declarative security
fContinue = CheckDemand2(demand, permToken, rmh, true);
}
return fContinue;
}
internal bool CheckDemand2(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandle rmh, bool fDeclarative)
{
PermissionSet permSet;
// If the demand is null, there is no need to continue
BCLDebug.Assert(demand != null && !demand.CheckDemand(null), "Empty demands should have been filtered out by this point");
// decode imperative
if (GetPermitOnly(fDeclarative) != null)
GetPermitOnly(fDeclarative).CheckDecoded(demand, permToken);
if (GetDenials(fDeclarative) != null)
GetDenials(fDeclarative).CheckDecoded(demand, permToken);
if (GetAssertions(fDeclarative) != null)
GetAssertions(fDeclarative).CheckDecoded(demand, permToken);
// NOTE: See notes about exceptions and exception handling in FrameDescSetHelper
bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);
// Check Reduction
try
{
permSet = GetPermitOnly(fDeclarative);
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If the permit only set does not contain the demanded permission, throw a security exception
if (perm == null)
{
if(!(permSet.IsUnrestricted() && demand.CanUnrestrictedOverride()))
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
else
{
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demand.CheckPermitOnly(perm);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
}
// Check Denials
permSet = GetDenials(fDeclarative);
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If an unrestricted set was denied and the demand implements IUnrestricted
if (permSet.IsUnrestricted() && demand.CanUnrestrictedOverride())
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
// If the deny set does contain the demanded permission, throw a security exception
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demand.CheckDeny(perm);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
if (GetAssertAllPossible())
{
return SecurityRuntime.StackHalt;
}
permSet = GetAssertions(fDeclarative);
// Check Assertions
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If the assert set does contain the demanded permission, halt the stackwalk
try
{
if ((permSet.IsUnrestricted() && demand.CanUnrestrictedOverride()) || (demand.CheckAssert(perm)))
{
return SecurityRuntime.StackHalt;
}
}
catch (ArgumentException)
{
}
}
}
finally
{
if (bThreadSecurity)
SecurityManager._SetThreadSecurity(true);
}
return SecurityRuntime.StackContinue;
}
internal bool CheckSetDemand(PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandle rmh)
{
// imperative security
PermissionSet altPset1 = null, altPset2 = null;
bool fContinue = CheckSetDemand2(demandSet, out altPset1, rmh, false);
if (altPset1 != null)
{
demandSet = altPset1;
}
if (fContinue == SecurityRuntime.StackContinue)
{
// declarative security
fContinue = CheckSetDemand2(demandSet, out altPset2, rmh, true);
}
// Return the most recent altered set
// If both declarative and imperative asserts modified the demand set: return altPset2
// Else if imperative asserts modified the demand set: return altPset1
// else no alteration: return null
if (altPset2 != null)
alteredDemandSet = altPset2;
else if (altPset1 != null)
alteredDemandSet = altPset1;
else
alteredDemandSet = null;
return fContinue;
}
internal bool CheckSetDemand2(PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandle rmh, bool fDeclarative)
{
PermissionSet permSet;
// In the common case we are not going to alter the demand set, so just to
// be safe we'll set it to null up front.
alteredDemandSet = null;
// There's some oddness in here to deal with exceptions. The general idea behind
// this is that we need some way of dealing with custom permissions that may not
// handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly
// (they don't support it, throw null reference exceptions, etc.).
// An empty demand always succeeds.
if (demandSet == null || demandSet.IsEmpty())
return SecurityRuntime.StackHalt;
if (GetPermitOnly(fDeclarative) != null)
GetPermitOnly(fDeclarative).CheckDecoded( demandSet );
if (GetDenials(fDeclarative) != null)
GetDenials(fDeclarative).CheckDecoded( demandSet );
if (GetAssertions(fDeclarative) != null)
GetAssertions(fDeclarative).CheckDecoded( demandSet );
bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);
try
{
// In the case of permit only, we define an exception to be failure of the check
// and therefore we throw a security exception.
permSet = GetPermitOnly(fDeclarative);
if (permSet != null)
{
IPermission permFailed = null;
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demandSet.CheckPermitOnly(permSet, out permFailed);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed);
}
// In the case of denial, we define an exception to be failure of the check
// and therefore we throw a security exception.
permSet = GetDenials(fDeclarative);
if (permSet != null)
{
IPermission permFailed = null;
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demandSet.CheckDeny(permSet, out permFailed);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed);
}
// The assert case is more complex. Since asserts have the ability to "bleed through"
// (where part of a demand is handled by an assertion, but the rest is passed on to
// continue the stackwalk), we need to be more careful in handling the "failure" case.
// Therefore, if an exception is thrown in performing any operation, we make sure to keep
// that permission in the demand set thereby continuing the demand for that permission
// walking down the stack.
if (GetAssertAllPossible())
{
return SecurityRuntime.StackHalt;
}
permSet = GetAssertions(fDeclarative);
if (permSet != null)
{
// If this frame asserts a superset of the demand set we're done
if (demandSet.CheckAssertion( permSet ))
return SecurityRuntime.StackHalt;
// Determine whether any of the demand set asserted. We do this by
// copying the demand set and removing anything in it that is asserted.
if (!permSet.IsUnrestricted())
{
PermissionSet.RemoveAssertedPermissionSet(demandSet, permSet, out alteredDemandSet);
}
}
}
finally
{
if (bThreadSecurity)
SecurityManager._SetThreadSecurity(true);
}
return SecurityRuntime.StackContinue;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
namespace System.Security {
using System.Text;
using System.Runtime.CompilerServices;
using System.Threading;
using System;
using System.Collections;
using System.Security.Permissions;
using System.Globalization;
using System.Runtime.ConstrainedExecution;
#if !FEATURE_PAL
using Microsoft.Win32.SafeHandles;
using System.Security.Principal;
#endif
//FrameSecurityDescriptor.cs
//
// Internal use only.
// DO NOT DOCUMENT
//
[Serializable()]
sealed internal class FrameSecurityDescriptor
{
/* EE has native FrameSecurityDescriptorObject definition in object.h
Make sure to update that structure as well, if you make any changes here.
*/
private PermissionSet m_assertions; // imperative asserts
private PermissionSet m_denials; // imperative denials
private PermissionSet m_restriction; // imperative permitonlys
private PermissionSet m_DeclarativeAssertions;
private PermissionSet m_DeclarativeDenials;
private PermissionSet m_DeclarativeRestrictions;
#if !FEATURE_PAL
// if this frame contains a call to any WindowsIdentity.Impersonate(),
// we save the previous SafeTokenHandles here (in the next two fields)
// Used during exceptionstackwalks to revert impersonation before calling filters
[NonSerialized]
private SafeTokenHandle m_callerToken;
[NonSerialized]
private SafeTokenHandle m_impToken;
#endif
private bool m_AssertFT;
private bool m_assertAllPossible;
#pragma warning disable 169
private bool m_declSecComputed; // set from the VM to indicate that the declarative A/PO/D on this frame has been populated
#pragma warning restore 169
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void IncrementOverridesCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void DecrementOverridesCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void IncrementAssertCount();
[MethodImplAttribute(MethodImplOptions.InternalCall)]
private static extern void DecrementAssertCount();
// Default constructor.
internal FrameSecurityDescriptor()
{
//m_flags = 0;
}
//------------------------------------------------------------+
// H E L P E R
//-----------------------------------------------------------+
private PermissionSet CreateSingletonSet(IPermission perm)
{
PermissionSet permSet = new PermissionSet(false);
permSet.AddPermission(perm.Copy());
return permSet;
}
//-----------------------------------------------------------+
// A S S E R T
//-----------------------------------------------------------+
internal bool HasImperativeAsserts()
{
// we store declarative actions in both fields, so check if they are different
return (m_assertions != null);
}
internal bool HasImperativeDenials()
{
// we store declarative actions in both fields, so check if they are different
return (m_denials != null);
}
internal bool HasImperativeRestrictions()
{
// we store declarative actions in both fields, so check if they are different
return (m_restriction != null);
}
internal void SetAssert(IPermission perm)
{
m_assertions = CreateSingletonSet(perm);
IncrementAssertCount();
}
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_assertions.IsUnrestricted());
IncrementAssertCount();
}
internal PermissionSet GetAssertions(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeAssertions : m_assertions;
}
internal void SetAssertAllPossible()
{
m_assertAllPossible = true;
IncrementAssertCount();
}
internal bool GetAssertAllPossible()
{
return m_assertAllPossible;
}
//------------------------------------------------------------+
// D E N Y
//-----------------------------------------------------------+
internal void SetDeny(IPermission perm)
{
m_denials = CreateSingletonSet(perm);
IncrementOverridesCount();
}
internal void SetDeny(PermissionSet permSet)
{
m_denials = permSet.Copy();
IncrementOverridesCount();
}
internal PermissionSet GetDenials(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeDenials: m_denials;
}
//------------------------------------------------------------+
// R E S T R I C T
//------------------------------------------------------------+
internal void SetPermitOnly(IPermission perm)
{
m_restriction = CreateSingletonSet(perm);
IncrementOverridesCount();
}
internal void SetPermitOnly(PermissionSet permSet)
{
// permSet must not be null
m_restriction = permSet.Copy();
IncrementOverridesCount();
}
internal PermissionSet GetPermitOnly(bool fDeclarative)
{
return (fDeclarative) ? m_DeclarativeRestrictions : m_restriction;
}
#if !FEATURE_PAL
//-----------------------------------------------------------+
// SafeTokenHandle (Impersonation + EH purposes)
//------------------------------------------------------------+
internal void SetTokenHandles (SafeTokenHandle callerToken, SafeTokenHandle impToken)
{
m_callerToken = callerToken;
m_impToken = impToken;
}
#endif
//-----------------------------------------------------------+
// R E V E R T
//-----------------------------------------------------------+
internal void RevertAssert()
{
if (m_assertions != null)
{
m_assertions = null;
DecrementAssertCount();
}
if (m_DeclarativeAssertions != null)
{
m_AssertFT = (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_DeclarativeAssertions.IsUnrestricted());;
}
else
m_AssertFT = false;
}
internal void RevertAssertAllPossible()
{
if (m_assertAllPossible)
{
m_assertAllPossible = false;
DecrementAssertCount();
}
}
internal void RevertDeny()
{
if (HasImperativeDenials())
{
DecrementOverridesCount();
m_denials = null;
}
}
internal void RevertPermitOnly()
{
if (HasImperativeRestrictions())
{
DecrementOverridesCount();
m_restriction= null;;
}
}
internal void RevertAll()
{
RevertAssert();
RevertAssertAllPossible();
RevertDeny();
RevertPermitOnly();
}
//-----------------------------------------------------------+
// Demand Evaluation
//------------------------------------------------------------+
// This will get called when we hit a FSD while evaluating a demand on the call stack or compressedstack
internal bool CheckDemand(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandle rmh)
{
// imperative security
bool fContinue = CheckDemand2(demand, permToken, rmh, false);
if (fContinue == SecurityRuntime.StackContinue)
{
// declarative security
fContinue = CheckDemand2(demand, permToken, rmh, true);
}
return fContinue;
}
internal bool CheckDemand2(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandle rmh, bool fDeclarative)
{
PermissionSet permSet;
// If the demand is null, there is no need to continue
BCLDebug.Assert(demand != null && !demand.CheckDemand(null), "Empty demands should have been filtered out by this point");
// decode imperative
if (GetPermitOnly(fDeclarative) != null)
GetPermitOnly(fDeclarative).CheckDecoded(demand, permToken);
if (GetDenials(fDeclarative) != null)
GetDenials(fDeclarative).CheckDecoded(demand, permToken);
if (GetAssertions(fDeclarative) != null)
GetAssertions(fDeclarative).CheckDecoded(demand, permToken);
// NOTE: See notes about exceptions and exception handling in FrameDescSetHelper
bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);
// Check Reduction
try
{
permSet = GetPermitOnly(fDeclarative);
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If the permit only set does not contain the demanded permission, throw a security exception
if (perm == null)
{
if(!(permSet.IsUnrestricted() && demand.CanUnrestrictedOverride()))
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
else
{
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demand.CheckPermitOnly(perm);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
}
// Check Denials
permSet = GetDenials(fDeclarative);
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If an unrestricted set was denied and the demand implements IUnrestricted
if (permSet.IsUnrestricted() && demand.CanUnrestrictedOverride())
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
// If the deny set does contain the demanded permission, throw a security exception
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demand.CheckDeny(perm);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(String.Format(CultureInfo.InvariantCulture, Environment.GetResourceString("Security_Generic"), demand.GetType().AssemblyQualifiedName), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demand, demand);
}
if (GetAssertAllPossible())
{
return SecurityRuntime.StackHalt;
}
permSet = GetAssertions(fDeclarative);
// Check Assertions
if (permSet != null)
{
CodeAccessPermission perm = (CodeAccessPermission)permSet.GetPermission(demand);
// If the assert set does contain the demanded permission, halt the stackwalk
try
{
if ((permSet.IsUnrestricted() && demand.CanUnrestrictedOverride()) || (demand.CheckAssert(perm)))
{
return SecurityRuntime.StackHalt;
}
}
catch (ArgumentException)
{
}
}
}
finally
{
if (bThreadSecurity)
SecurityManager._SetThreadSecurity(true);
}
return SecurityRuntime.StackContinue;
}
internal bool CheckSetDemand(PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandle rmh)
{
// imperative security
PermissionSet altPset1 = null, altPset2 = null;
bool fContinue = CheckSetDemand2(demandSet, out altPset1, rmh, false);
if (altPset1 != null)
{
demandSet = altPset1;
}
if (fContinue == SecurityRuntime.StackContinue)
{
// declarative security
fContinue = CheckSetDemand2(demandSet, out altPset2, rmh, true);
}
// Return the most recent altered set
// If both declarative and imperative asserts modified the demand set: return altPset2
// Else if imperative asserts modified the demand set: return altPset1
// else no alteration: return null
if (altPset2 != null)
alteredDemandSet = altPset2;
else if (altPset1 != null)
alteredDemandSet = altPset1;
else
alteredDemandSet = null;
return fContinue;
}
internal bool CheckSetDemand2(PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandle rmh, bool fDeclarative)
{
PermissionSet permSet;
// In the common case we are not going to alter the demand set, so just to
// be safe we'll set it to null up front.
alteredDemandSet = null;
// There's some oddness in here to deal with exceptions. The general idea behind
// this is that we need some way of dealing with custom permissions that may not
// handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly
// (they don't support it, throw null reference exceptions, etc.).
// An empty demand always succeeds.
if (demandSet == null || demandSet.IsEmpty())
return SecurityRuntime.StackHalt;
if (GetPermitOnly(fDeclarative) != null)
GetPermitOnly(fDeclarative).CheckDecoded( demandSet );
if (GetDenials(fDeclarative) != null)
GetDenials(fDeclarative).CheckDecoded( demandSet );
if (GetAssertions(fDeclarative) != null)
GetAssertions(fDeclarative).CheckDecoded( demandSet );
bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);
try
{
// In the case of permit only, we define an exception to be failure of the check
// and therefore we throw a security exception.
permSet = GetPermitOnly(fDeclarative);
if (permSet != null)
{
IPermission permFailed = null;
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demandSet.CheckPermitOnly(permSet, out permFailed);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed);
}
// In the case of denial, we define an exception to be failure of the check
// and therefore we throw a security exception.
permSet = GetDenials(fDeclarative);
if (permSet != null)
{
IPermission permFailed = null;
bool bNeedToThrow = true;
try
{
bNeedToThrow = !demandSet.CheckDeny(permSet, out permFailed);
}
catch (ArgumentException)
{
}
if (bNeedToThrow)
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed);
}
// The assert case is more complex. Since asserts have the ability to "bleed through"
// (where part of a demand is handled by an assertion, but the rest is passed on to
// continue the stackwalk), we need to be more careful in handling the "failure" case.
// Therefore, if an exception is thrown in performing any operation, we make sure to keep
// that permission in the demand set thereby continuing the demand for that permission
// walking down the stack.
if (GetAssertAllPossible())
{
return SecurityRuntime.StackHalt;
}
permSet = GetAssertions(fDeclarative);
if (permSet != null)
{
// If this frame asserts a superset of the demand set we're done
if (demandSet.CheckAssertion( permSet ))
return SecurityRuntime.StackHalt;
// Determine whether any of the demand set asserted. We do this by
// copying the demand set and removing anything in it that is asserted.
if (!permSet.IsUnrestricted())
{
PermissionSet.RemoveAssertedPermissionSet(demandSet, permSet, out alteredDemandSet);
}
}
}
finally
{
if (bThreadSecurity)
SecurityManager._SetThreadSecurity(true);
}
return SecurityRuntime.StackContinue;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- TableRowCollection.cs
- PrePrepareMethodAttribute.cs
- TimeSpanMinutesOrInfiniteConverter.cs
- AssemblySettingAttributes.cs
- ContractUtils.cs
- CodeDirectionExpression.cs
- BufferedReadStream.cs
- Utilities.cs
- ImplicitInputBrush.cs
- OleDbPropertySetGuid.cs
- RectangleGeometry.cs
- DrawingGroup.cs
- DataGridViewCellConverter.cs
- GroupBoxRenderer.cs
- CustomExpressionEventArgs.cs
- TextReader.cs
- TimeManager.cs
- SecurityTimestamp.cs
- TextTreeText.cs
- ProgressBarRenderer.cs
- WindowsServiceCredential.cs
- EnumDataContract.cs
- LineVisual.cs
- SqlDataRecord.cs
- MergeEnumerator.cs
- SpecularMaterial.cs
- CompoundFileReference.cs
- ScriptBehaviorDescriptor.cs
- EncryptedPackageFilter.cs
- ClockController.cs
- OpenTypeLayout.cs
- XmlAttributeAttribute.cs
- WebConvert.cs
- VersionedStream.cs
- TextEncodedRawTextWriter.cs
- TraceHandlerErrorFormatter.cs
- CompareInfo.cs
- VoiceChangeEventArgs.cs
- Int32RectConverter.cs
- RankException.cs
- TextEditorTyping.cs
- WebServiceHost.cs
- EmptyStringExpandableObjectConverter.cs
- StoragePropertyMapping.cs
- ListViewTableCell.cs
- TypeDependencyAttribute.cs
- WorkflowMarkupElementEventArgs.cs
- SqlClientMetaDataCollectionNames.cs
- COM2ExtendedTypeConverter.cs
- ActivityPreviewDesigner.cs
- ScrollContentPresenter.cs
- XmlQualifiedNameTest.cs
- FieldNameLookup.cs
- Converter.cs
- ReceiveSecurityHeader.cs
- DefaultTraceListener.cs
- StreamingContext.cs
- Profiler.cs
- Inline.cs
- ContentDefinition.cs
- Rect3DConverter.cs
- HttpCacheParams.cs
- DbFunctionCommandTree.cs
- DocumentPageView.cs
- JoinCqlBlock.cs
- OperatingSystem.cs
- TreeView.cs
- IPAddress.cs
- SortAction.cs
- DataGridLinkButton.cs
- SchemaComplexType.cs
- ToolboxSnapDragDropEventArgs.cs
- XmlSchemaIdentityConstraint.cs
- ContentPresenter.cs
- SpecialNameAttribute.cs
- RequestSecurityToken.cs
- SchemaDeclBase.cs
- HtmlInputButton.cs
- AssemblyName.cs
- WebScriptEnablingElement.cs
- DefaultHttpHandler.cs
- SiteMapNodeCollection.cs
- DataTable.cs
- TextEncodedRawTextWriter.cs
- UiaCoreApi.cs
- BinaryMethodMessage.cs
- ObservableCollection.cs
- SimpleApplicationHost.cs
- XmlCustomFormatter.cs
- TransactionBridgeSection.cs
- DLinqAssociationProvider.cs
- TextInfo.cs
- StackSpiller.Temps.cs
- AnnotationComponentManager.cs
- ConfigDefinitionUpdates.cs
- MsmqHostedTransportManager.cs
- TokenizerHelper.cs
- validationstate.cs
- PropertyOrder.cs
- UrlPropertyAttribute.cs