Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / PartialTrustHelpers.cs / 1 / PartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Security; using System.Web; using System.Threading; using System.Diagnostics; using System.Reflection; using System.Security.Permissions; static class PartialTrustHelpers { ////// Critical - caches the PermissionSet associated with the asp.net trust level /// this will not change over the life of the AppDomain /// [SecurityCritical] static SecurityContext aspNetSecurityContext; ////// Critical - if erroneously set to true, could bypass the PermitOnly /// [SecurityCritical] static bool isInitialized; ////// RequiresReview - determines if the given PermissionSet is full trust /// we will base subsequent security decisions on this /// [SecurityRequiresReview] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { ////// Critical - makes a security sensitive decision, updates aspNetSecurityContext and isInitialized /// Safe - ok to know whether the ASP app is partial trust /// [SecurityCritical, SecurityTreatAsSafe] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = HttpRuntime.GetNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } ////// Critical - captures security context with identity flow suppressed, this requires satisfying a LinkDemand for infrastructure /// [SecurityCritical] internal static SecurityContext CaptureSecurityContextNoIdentityFlow() { // capture the security context but never flow windows identity if (SecurityContext.IsWindowsIdentityFlowSuppressed()) { return SecurityContext.Capture(); } else { using (SecurityContext.SuppressFlowWindowsIdentity()) { return SecurityContext.Capture(); } } } ////// Critical - touches aspNetSecurityContext /// Safe - ok to invoke the user's delegate under the PT context /// [SecurityCritical, SecurityTreatAsSafe] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] internal static bool IsTypeAptca(Type type) { Assembly assembly = type.Assembly; return IsAssemblyAptca(assembly) || !IsAssemblySigned(assembly); } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static Type aptca; ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static bool IsAssemblyAptca(Assembly assembly) { if (aptca == null) { aptca = typeof(AllowPartiallyTrustedCallersAttribute); } return assembly.GetCustomAttributes(aptca, false).Length > 0; } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] [FileIOPermission(SecurityAction.Assert, Unrestricted=true)] static bool IsAssemblySigned(Assembly assembly) { byte[] publicKeyToken = assembly.GetName().GetPublicKeyToken(); return publicKeyToken != null & publicKeyToken.Length > 0; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ToolboxBitmapAttribute.cs
- CompoundFileIOPermission.cs
- SafeProcessHandle.cs
- MetadataCache.cs
- Glyph.cs
- LocalizableAttribute.cs
- XmlEntityReference.cs
- BoolExpression.cs
- TextShapeableCharacters.cs
- PrintPageEvent.cs
- BufferManager.cs
- metadatamappinghashervisitor.hashsourcebuilder.cs
- LogWriteRestartAreaState.cs
- LocationUpdates.cs
- TriggerAction.cs
- ObjectCacheHost.cs
- ColumnResizeAdorner.cs
- ApplicationId.cs
- dataprotectionpermissionattribute.cs
- securestring.cs
- CodeNamespaceImport.cs
- LoginCancelEventArgs.cs
- FrameworkElementAutomationPeer.cs
- SerialErrors.cs
- SwitchAttribute.cs
- SyndicationSerializer.cs
- ErrorTolerantObjectWriter.cs
- XmlEncodedRawTextWriter.cs
- IntegerFacetDescriptionElement.cs
- TemplateControlBuildProvider.cs
- KeyNotFoundException.cs
- AsyncPostBackErrorEventArgs.cs
- UInt64Storage.cs
- WindowsIdentity.cs
- Keywords.cs
- COM2ColorConverter.cs
- SafeWaitHandle.cs
- ZoneMembershipCondition.cs
- ParserContext.cs
- AttachedPropertyBrowsableForTypeAttribute.cs
- MimeParameterWriter.cs
- SeverityFilter.cs
- MetadataProperty.cs
- ToolBarButtonDesigner.cs
- JoinTreeSlot.cs
- Int32RectValueSerializer.cs
- ContainerParaClient.cs
- ToolConsole.cs
- FixedSOMTableRow.cs
- DesignerSerializationOptionsAttribute.cs
- DataGridViewCellLinkedList.cs
- RSACryptoServiceProvider.cs
- StandardBindingCollectionElement.cs
- AttachmentCollection.cs
- IdnMapping.cs
- CommentAction.cs
- ErrorActivity.cs
- ExtractedStateEntry.cs
- NamespaceExpr.cs
- GridItemPatternIdentifiers.cs
- AnnotationResourceCollection.cs
- TextRangeEditTables.cs
- PipeStream.cs
- COM2IDispatchConverter.cs
- SetStoryboardSpeedRatio.cs
- ItemsControlAutomationPeer.cs
- Win32.cs
- HttpCapabilitiesSectionHandler.cs
- DrawTreeNodeEventArgs.cs
- ExtenderProvidedPropertyAttribute.cs
- webbrowsersite.cs
- ParameterCollectionEditorForm.cs
- TabControl.cs
- DataGridViewRowStateChangedEventArgs.cs
- ConnectivityStatus.cs
- BindingBase.cs
- WebPartUtil.cs
- _LocalDataStore.cs
- DispatcherSynchronizationContext.cs
- _TransmitFileOverlappedAsyncResult.cs
- ActivationArguments.cs
- AssemblyBuilder.cs
- UInt64Converter.cs
- XmlILStorageConverter.cs
- RegisteredExpandoAttribute.cs
- DoubleCollectionConverter.cs
- WebPartAddingEventArgs.cs
- HandlerBase.cs
- WebPartManagerInternals.cs
- ResourcePool.cs
- DSASignatureDeformatter.cs
- FtpRequestCacheValidator.cs
- ForwardPositionQuery.cs
- BinaryCommonClasses.cs
- DataGridViewUtilities.cs
- TextTreeUndo.cs
- SqlServices.cs
- Triplet.cs
- ErrorEventArgs.cs
- SmiTypedGetterSetter.cs