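/// <summary>
        /// Gets the lockdown policy decision for a COM class, as applied by WLDP (Windows Lockdown Policy).
        /// </summary>
        /// <param name="clsid">CLSID of the COM class about to be instantiated.</param>
        /// <returns>
        /// True if the COM object is allowed, False otherwise. A failed native lookup (negative HRESULT) or a
        /// non-enforcing WLDP policy both fail closed and return False.
        /// </returns>
        /// <remarks>
        /// Callers invoke this only when an AppLocker and/or WLDP system-wide lockdown policy is enforced.
        /// Only <see cref="DllNotFoundException"/> is handled here; any other P/Invoke failure propagates to the caller.
        /// The two hard-coded CLSIDs are test hooks that live in the production path: one forces a deny for
        /// ADODB.Parameter under the debug override, the other grants an allow for MSXML2.DOMDocument when wldp.dll
        /// cannot be loaded, without consulting any policy.
        /// </remarks>
        internal static bool IsClassInApprovedList(Guid clsid)
        {
            // No WLDP enforcement means only AppLocker policy is in effect; AppLocker carries no COM approval list,
            // so every COM instantiation is disallowed rather than consulting a policy that is not being enforced.
            if (s_cachedWldpSystemPolicy.GetValueOrDefault(SystemEnforcementMode.None) != SystemEnforcementMode.Enforce)
            {
                return false;
            }

            // Compared as Guid values rather than via a ToString() round-trip: exact, allocation-free and casing-proof.
            // 0000050b-0000-0010-8000-00aa006d2ea4 = ADODB.Parameter
            Guid adodbParameterClsid = new Guid("0000050b-0000-0010-8000-00aa006d2ea4");
            // f6d90f11-9c73-11d3-b32e-00c04f990bb4 = MSXML2.DOMDocument
            Guid msxmlDomDocumentClsid = new Guid("f6d90f11-9c73-11d3-b32e-00c04f990bb4");

            // WLDP policy is in system-wide enforcement: look the COM Id up in the WLDP approval list.
            try
            {
                WLDP_HOST_INFORMATION hostInformation = new WLDP_HOST_INFORMATION();
                hostInformation.dwRevision = WldpNativeConstants.WLDP_HOST_INFORMATION_REVISION;
                hostInformation.dwHostId   = WLDP_HOST_ID.WLDP_HOST_ID_POWERSHELL;

                int pIsApproved = 0;
                int result      = WldpNativeMethods.WldpIsClassInApprovedList(ref clsid, ref hostInformation, ref pIsApproved, 0);

                // A failed HRESULT leaves the output parameter untrusted: fail closed regardless of its value.
                if (result < 0 || pIsApproved != 1)
                {
                    return false;
                }

                // Hook for testability. If we've got an environmental override, say that ADODB.Parameter is not allowed.
                if (s_allowDebugOverridePolicy && clsid == adodbParameterClsid)
                {
                    return false;
                }

                return true;
            }
            catch (DllNotFoundException)
            {
                // Hook for testability. IsClassInApprovedList is only called when the system is in global lockdown mode,
                // so MSXML2.DOMDocument wouldn't be allowed in regular ConstrainedLanguage mode. Every other CLSID is
                // denied when wldp.dll is unavailable.
                return clsid == msxmlDomDocumentClsid;
            }
        }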
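 /// <summary>
 /// Gets the WLDP (Windows Lockdown Policy) approval decision for a COM class.
 /// </summary>
 /// <param name="clsid">CLSID of the COM class about to be instantiated.</param>
 /// <returns>
 /// True if the COM object is in the WLDP approved list, False otherwise. A failed native lookup
 /// (negative HRESULT) fails closed instead of trusting whatever the output parameter holds.
 /// </returns>
 /// <remarks>
 /// Only <see cref="DllNotFoundException"/> is handled; any other P/Invoke failure propagates to the caller.
 /// The hard-coded MSXML2.DOMDocument CLSID is a test hook in the production path: it grants an allow decision
 /// when wldp.dll cannot be loaded, without consulting any policy.
 /// </remarks>
 internal static bool IsClassInApprovedList(Guid clsid)
 {
     // f6d90f11-9c73-11d3-b32e-00c04f990bb4 = MSXML2.DOMDocument, compared as a Guid rather than via ToString().
     Guid msxmlDomDocumentClsid = new Guid("f6d90f11-9c73-11d3-b32e-00c04f990bb4");

     try
     {
         WLDP_HOST_INFORMATION pHostInformation = new WLDP_HOST_INFORMATION {
             // NOTE(review): presumably the WLDP_HOST_INFORMATION revision constant; confirm against the native header.
             dwRevision = 1,
             dwHostId   = WLDP_HOST_ID.WLDP_HOST_ID_POWERSHELL
         };
         int ptIsApproved = 0;
         int result = WldpNativeMethods.WldpIsClassInApprovedList(ref clsid, ref pHostInformation, ref ptIsApproved, 0);

         // The output parameter is only meaningful on success; a failed HRESULT is a deny.
         return result >= 0 && ptIsApproved == 1;
     }
     catch (DllNotFoundException)
     {
         // Hook for testability: MSXML2.DOMDocument is allowed when wldp.dll is unavailable, everything else is denied.
         return clsid == msxmlDomDocumentClsid;
     }
 }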
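        /// <summary>
        /// Gets the lockdown policy decision for a COM class, as applied by WLDP (Windows Lockdown Policy).
        /// </summary>
        /// <param name="clsid">CLSID of the COM class about to be instantiated.</param>
        /// <returns>
        /// True if the COM object is allowed, False otherwise. A failed native lookup (negative HRESULT) fails closed.
        /// </returns>
        /// <remarks>
        /// Only <see cref="DllNotFoundException"/> is handled here; any other P/Invoke failure propagates to the caller.
        /// The two hard-coded CLSIDs are test hooks that live in the production path: one forces a deny for
        /// ADODB.Parameter under the debug policy flag, the other grants an allow for MSXML2.DOMDocument when wldp.dll
        /// cannot be loaded, without consulting any policy.
        /// </remarks>
        internal static bool IsClassInApprovedList(Guid clsid)
        {
            // Compared as Guid values rather than via a ToString() round-trip: exact, allocation-free and casing-proof.
            // 0000050b-0000-0010-8000-00aa006d2ea4 = ADODB.Parameter
            Guid adodbParameterClsid = new Guid("0000050b-0000-0010-8000-00aa006d2ea4");
            // f6d90f11-9c73-11d3-b32e-00c04f990bb4 = MSXML2.DOMDocument
            Guid msxmlDomDocumentClsid = new Guid("f6d90f11-9c73-11d3-b32e-00c04f990bb4");

            try
            {
                WLDP_HOST_INFORMATION hostInformation = new WLDP_HOST_INFORMATION();
                hostInformation.dwRevision = WldpNativeConstants.WLDP_HOST_INFORMATION_REVISION;
                hostInformation.dwHostId   = WLDP_HOST_ID.WLDP_HOST_ID_POWERSHELL;

                int pIsApproved = 0;
                int result      = WldpNativeMethods.WldpIsClassInApprovedList(ref clsid, ref hostInformation, ref pIsApproved, 0);

                // A failed HRESULT leaves the output parameter untrusted: fail closed regardless of its value.
                if (result < 0 || pIsApproved != 1)
                {
                    return false;
                }

                // Hook for testability. If we've got an environmental override, say that ADODB.Parameter is not allowed.
                if (s_wasSystemPolicyDebugPolicy && clsid == adodbParameterClsid)
                {
                    return false;
                }

                return true;
            }
            catch (DllNotFoundException)
            {
                // Hook for testability. IsClassInApprovedList is only called when the system is in global lockdown mode,
                // so MSXML2.DOMDocument wouldn't be allowed in regular ConstrainedLanguage mode. Every other CLSID is
                // denied when wldp.dll is unavailable.
                return clsid == msxmlDomDocumentClsid;
            }
        }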