Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / PartialTrustHelpers.cs / 1 / PartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Security; using System.Web; using System.Threading; using System.Diagnostics; using System.Reflection; using System.Security.Permissions; static class PartialTrustHelpers { ////// Critical - caches the PermissionSet associated with the asp.net trust level /// this will not change over the life of the AppDomain /// [SecurityCritical] static SecurityContext aspNetSecurityContext; ////// Critical - if erroneously set to true, could bypass the PermitOnly /// [SecurityCritical] static bool isInitialized; ////// RequiresReview - determines if the given PermissionSet is full trust /// we will base subsequent security decisions on this /// [SecurityRequiresReview] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { ////// Critical - makes a security sensitive decision, updates aspNetSecurityContext and isInitialized /// Safe - ok to know whether the ASP app is partial trust /// [SecurityCritical, SecurityTreatAsSafe] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = HttpRuntime.GetNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } ////// Critical - captures security context with identity flow suppressed, this requires satisfying a LinkDemand for infrastructure /// [SecurityCritical] internal static SecurityContext CaptureSecurityContextNoIdentityFlow() { // capture the security context but never flow windows identity if (SecurityContext.IsWindowsIdentityFlowSuppressed()) { return SecurityContext.Capture(); } else { using (SecurityContext.SuppressFlowWindowsIdentity()) { return SecurityContext.Capture(); } } } ////// Critical - touches aspNetSecurityContext /// Safe - ok to invoke the user's delegate under the PT context /// [SecurityCritical, SecurityTreatAsSafe] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] internal static bool IsTypeAptca(Type type) { Assembly assembly = type.Assembly; return IsAssemblyAptca(assembly) || !IsAssemblySigned(assembly); } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static Type aptca; ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static bool IsAssemblyAptca(Assembly assembly) { if (aptca == null) { aptca = typeof(AllowPartiallyTrustedCallersAttribute); } return assembly.GetCustomAttributes(aptca, false).Length > 0; } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] [FileIOPermission(SecurityAction.Assert, Unrestricted=true)] static bool IsAssemblySigned(Assembly assembly) { byte[] publicKeyToken = assembly.GetName().GetPublicKeyToken(); return publicKeyToken != null & publicKeyToken.Length > 0; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ToolStripRenderer.cs
- SystemFonts.cs
- StringDictionaryEditor.cs
- XamlClipboardData.cs
- _ChunkParse.cs
- UnsafeNativeMethodsTablet.cs
- GridViewItemAutomationPeer.cs
- CachingHintValidation.cs
- CollectionsUtil.cs
- NonSerializedAttribute.cs
- AxDesigner.cs
- Point4DValueSerializer.cs
- ErrorProvider.cs
- DBNull.cs
- AuthenticationModuleElement.cs
- NativeMethods.cs
- HatchBrush.cs
- EmptyQuery.cs
- Reference.cs
- DrawTreeNodeEventArgs.cs
- AppDomainGrammarProxy.cs
- ProvidersHelper.cs
- ListControlConvertEventArgs.cs
- XmlSchemaSequence.cs
- BitmapEffectGroup.cs
- ManagementObjectCollection.cs
- TableLayoutPanel.cs
- XmlSerializationReader.cs
- FileDialogPermission.cs
- RequiredFieldValidator.cs
- AstTree.cs
- FrameDimension.cs
- AttachedPropertyBrowsableAttribute.cs
- CompoundFileDeflateTransform.cs
- EntityDataSourceContextCreatedEventArgs.cs
- InstanceOwnerException.cs
- ListBindingHelper.cs
- ColorInterpolationModeValidation.cs
- SystemNetHelpers.cs
- OpenFileDialog.cs
- ControlEvent.cs
- COM2ExtendedUITypeEditor.cs
- BufferedStream.cs
- WindowAutomationPeer.cs
- X509ChainElement.cs
- EnumValidator.cs
- XmlSchemaComplexContent.cs
- TileModeValidation.cs
- DependencyPropertyChangedEventArgs.cs
- ScrollData.cs
- TrackingProfileCache.cs
- PublisherMembershipCondition.cs
- NavigationPropertyEmitter.cs
- Literal.cs
- QilName.cs
- RectangleHotSpot.cs
- PropertyGridCommands.cs
- AnimatedTypeHelpers.cs
- EncodingStreamWrapper.cs
- SqlSelectClauseBuilder.cs
- CryptoConfig.cs
- MetadataPropertyCollection.cs
- Set.cs
- TreeView.cs
- CalendarDay.cs
- RoutingChannelExtension.cs
- XmlSerializerNamespaces.cs
- ETagAttribute.cs
- Stroke.cs
- WebScriptMetadataMessageEncoderFactory.cs
- TargetException.cs
- AsmxEndpointPickerExtension.cs
- DataGridViewComboBoxCell.cs
- DrawingImage.cs
- Blend.cs
- LoginDesigner.cs
- VolatileEnlistmentState.cs
- ActivityExecutionContextCollection.cs
- WeakReferenceList.cs
- ColorInterpolationModeValidation.cs
- QueryCacheEntry.cs
- DataGridViewCellStyleContentChangedEventArgs.cs
- OrderByExpression.cs
- HtmlInputRadioButton.cs
- MissingMemberException.cs
- DoubleStorage.cs
- CompilerGlobalScopeAttribute.cs
- UpdateProgress.cs
- FaultImportOptions.cs
- HtmlWindow.cs
- DetailsViewUpdateEventArgs.cs
- SoapExtensionImporter.cs
- TabItemAutomationPeer.cs
- SubtreeProcessor.cs
- UnionCodeGroup.cs
- ObjectSet.cs
- RuntimeIdentifierPropertyAttribute.cs
- GlobalId.cs
- AudioSignalProblemOccurredEventArgs.cs
- StrokeCollectionConverter.cs