Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / TrustUi / MS / Internal / documents / Application / CriticalFileToken.cs / 1 / CriticalFileToken.cs
//------------------------------------------------------------------------------ //// Copyright (C) Microsoft Corporation. All rights reserved. // //// The CriticalFileToken class ensures file represented is the one the // user has authorized us to manipulate. // // // History: // 08/28/2005: [....]: Initial implementation. //----------------------------------------------------------------------------- using System; using System.Security; using System.Security.Permissions; using MS.Internal.PresentationUI; namespace MS.Internal.Documents.Application { ////// The CriticalFileToken class ensures file represented is the one the /// user has authorized us to manipulate. /// ////// Responsibility: /// Allow XpsViewer to safely pass around information on which file the user /// has authorized us to manipulate on thier behalf. Ensure that the creator /// of the object has the privledge to manipulate the file represented. /// /// Design Comments: /// Many classes need to perform privledged operations files on behalf of the /// user. However only DocObjHost and FilePresentation can assert it is user /// sourced data. /// /// As such we need them to create this 'token' which will will use as the only /// source of authoritative information for which files we are manipulating. /// /// As any SecurityCritical code can create SecurityCriticalData, we add the /// demand for FileIOPermission that represents the rights that will be asserted /// for in conjuction with this data. /// [FriendAccessAllowed] internal sealed class CriticalFileToken { #region Constructors //------------------------------------------------------------------------- // Constructors //------------------------------------------------------------------------- ////// Critical: /// - as this sets the _location which is Critical. /// TreatAsSafe: /// - the caller already has the value /// - the caller must satisfy the demand which this token grants /// [SecurityCritical, SecurityTreatAsSafe] internal CriticalFileToken(Uri location) { string path = location.LocalPath; new FileIOPermission( FileIOPermissionAccess.Read | FileIOPermissionAccess.Write, path) .Demand(); _location = location; } #endregion Constructors #region Object Members //-------------------------------------------------------------------------- // Object Members //------------------------------------------------------------------------- ////// Compares the values. /// ///True if they are equal. ////// Critical: /// - accesses _location /// TreatAsSafe: /// - does not leak information, simple compares to values the caller /// already had /// [SecurityCritical, SecurityTreatAsSafe] public static bool operator ==(CriticalFileToken a, CriticalFileToken b) { bool result = false; if (((object)a) == null) { if (((object)b) == null) { result = true; } } else { if (((object)b) != null) { result = a._location.ToString().Equals( b._location.ToString(), StringComparison.OrdinalIgnoreCase); } } return result; } ////// Compares the values. /// public static bool operator !=(CriticalFileToken a, CriticalFileToken b) { return !(a==b); } ////// Compares the values. /// public override bool Equals(object obj) { return (this == (obj as CriticalFileToken)); } ////// See Object.GetHashCode(); /// public override int GetHashCode() { return base.GetHashCode(); } #endregion Object Members #region Internal Properties //-------------------------------------------------------------------------- // Internal Properties //-------------------------------------------------------------------------- ////// The location for which the creator satisfied ReadWrite access. /// ////// Critical: /// - the location is sensitive data; it could leak information /// about the system; file structure, OS and user. /// internal Uri Location { [SecurityCritical] get { return _location; } } #endregion Internal Properties #region Private Fields //------------------------------------------------------------------------- // Private Fields //-------------------------------------------------------------------------- ////// Critical - by definition as this is a wrapper for Critical data. /// [SecurityCritical] private Uri _location; #endregion Private Fields } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- OneOfScalarConst.cs
- XPathSingletonIterator.cs
- RTLAwareMessageBox.cs
- CodeExpressionCollection.cs
- SQLByteStorage.cs
- Native.cs
- RequiredAttributeAttribute.cs
- NumberSubstitution.cs
- TableRowCollection.cs
- OracleNumber.cs
- AssertSection.cs
- QueryGenerator.cs
- CreateUserWizardStep.cs
- CannotUnloadAppDomainException.cs
- ImageBrush.cs
- XmlRawWriterWrapper.cs
- X509Chain.cs
- HttpRequestBase.cs
- Translator.cs
- PassportAuthenticationModule.cs
- httpapplicationstate.cs
- DataServiceRequest.cs
- WCFServiceClientProxyGenerator.cs
- FormsAuthenticationCredentials.cs
- HtmlControlPersistable.cs
- DeferredTextReference.cs
- Image.cs
- Matrix3D.cs
- Double.cs
- Misc.cs
- DocumentScope.cs
- Shared.cs
- MachineKeySection.cs
- ManagementQuery.cs
- ContainerVisual.cs
- ModuleConfigurationInfo.cs
- SoapCommonClasses.cs
- BamlRecordReader.cs
- ContractHandle.cs
- IntSecurity.cs
- DesignOnlyAttribute.cs
- UTF8Encoding.cs
- TabRenderer.cs
- AQNBuilder.cs
- xmlglyphRunInfo.cs
- Activator.cs
- DesignerAutoFormat.cs
- Compress.cs
- ConfigPathUtility.cs
- StateItem.cs
- SqlGatherProducedAliases.cs
- DateTimePickerDesigner.cs
- PassportAuthenticationModule.cs
- ConfigXmlElement.cs
- Schema.cs
- SiteMapPath.cs
- TextSchema.cs
- DescendantQuery.cs
- ExpressionNode.cs
- RelationshipConverter.cs
- TextRangeEditTables.cs
- OpCellTreeNode.cs
- ModelUIElement3D.cs
- DeflateStream.cs
- SafeHandles.cs
- ObjectConverter.cs
- ObjectDataSourceSelectingEventArgs.cs
- SettingsSavedEventArgs.cs
- SignatureTargetIdManager.cs
- ShapingWorkspace.cs
- InstanceKey.cs
- Base64Decoder.cs
- ConfigurationSectionGroupCollection.cs
- SynchronizingStream.cs
- GridViewCommandEventArgs.cs
- MouseEvent.cs
- SyndicationSerializer.cs
- NamespaceEmitter.cs
- DeploymentSectionCache.cs
- XmlPreloadedResolver.cs
- PermissionRequestEvidence.cs
- SystemIPGlobalProperties.cs
- CustomError.cs
- DataGrid.cs
- XDeferredAxisSource.cs
- FontStyleConverter.cs
- UserPersonalizationStateInfo.cs
- TreeNode.cs
- SafeNativeMethodsOther.cs
- DataServiceBehavior.cs
- EditorPart.cs
- SqlDataSourceCommandEventArgs.cs
- EdmItemCollection.cs
- WebPartConnectionsCloseVerb.cs
- EventWaitHandleSecurity.cs
- InteropAutomationProvider.cs
- TraceHwndHost.cs
- ToolStripLocationCancelEventArgs.cs
- Inline.cs
- SqlCacheDependencyDatabase.cs