static void Main(string[] args)
{
// Create the permission set to grant to other assemblies.
// In this case we are granting the permissions found in the LocalIntranet zone.
PermissionSet permissionSet = GetNamedPermissionSet("LocalIntranet");
if (permissionSet == null)
return;
AppDomainSetup appDomainSetup = new AppDomainSetup();
// Identify the folder to use for the sandbox.
Directory.CreateDirectory("C:\\Sandbox");
appDomainSetup.ApplicationBase = "C:\\Sandbox";
// Copy the application to be executed to the sandbox.
File.Copy(@"..\..\..\NewConsoleApp\Bin\Debug\NewConsoleApp.exe",
"C:\\sandbox\\NewConsoleApp.exe", true);
File.Copy(@"..\..\..\NewConsoleApp\Bin\Debug\NewConsoleApp.pdb",
"C:\\sandbox\\NewConsoleApp.pdb", true);
Evidence hostEvidence = new Evidence();
// Create the sandboxed domain.
AppDomain sandbox = AppDomain.CreateDomain(
"Sandboxed Domain",
hostEvidence,
appDomainSetup,
permissionSet,
GetStrongName(Assembly.GetExecutingAssembly()));
sandbox.ExecuteAssemblyByName("NewConsoleApp");
}
protected static AppDomain CreateDomainHelper(string friendlyName, Evidence securityInfo, AppDomainSetup appDomainInfo)
{
if (friendlyName == null)
{
throw new ArgumentNullException(Environment.GetResourceString("ArgumentNull_String"));
}
if (securityInfo != null)
{
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
AppDomain.CheckDomainCreationEvidence(appDomainInfo, securityInfo);
}
if (appDomainInfo == null)
{
appDomainInfo = new AppDomainSetup();
}
if ((appDomainInfo.AppDomainManagerAssembly == null) || (appDomainInfo.AppDomainManagerType == null))
{
string str;
string str2;
AppDomain.CurrentDomain.GetAppDomainManagerType(out str, out str2);
if (appDomainInfo.AppDomainManagerAssembly == null)
{
appDomainInfo.AppDomainManagerAssembly = str;
}
if (appDomainInfo.AppDomainManagerType == null)
{
appDomainInfo.AppDomainManagerType = str2;
}
}
return AppDomain.nCreateDomain(friendlyName, appDomainInfo, securityInfo, (securityInfo == null) ? AppDomain.CurrentDomain.InternalEvidence : null, AppDomain.CurrentDomain.GetSecurityDescriptor());
}
public static LoadedAssembly Load(String assemblyFilePath)
{
string currentExecutingAssemblyPath = Assembly.GetExecutingAssembly().Location;
if (currentExecutingAssemblyPath.StartsWith("File:"))
currentExecutingAssemblyPath = currentExecutingAssemblyPath.Substring(9).Replace("/", "\\");
else if (string.IsNullOrWhiteSpace(currentExecutingAssemblyPath))
currentExecutingAssemblyPath = Assembly.GetExecutingAssembly().CodeBase.Substring(9).Replace("/", "\\");
string newAppDomainFolderPath = currentExecutingAssemblyPath.Substring(0, currentExecutingAssemblyPath.LastIndexOf("\\"));
string tempAppDomainName = Guid.NewGuid().ToString();
var appDomainSecurity = new Evidence(AppDomain.CurrentDomain.Evidence);
AppDomain appDomain = AppDomain.CreateDomain(
friendlyName: tempAppDomainName,
securityInfo: appDomainSecurity,
appBasePath: newAppDomainFolderPath,
appRelativeSearchPath: null,
shadowCopyFiles: true);
FileLoader fileLoader = (FileLoader)appDomain.CreateInstanceAndUnwrap(
Assembly.GetExecutingAssembly().FullName, typeof(FileLoader).FullName);
Assembly assembly = fileLoader.LoadAssembly(assemblyFilePath);
return new LoadedAssembly { Module = assembly, Domain = appDomain };
}
public override PolicyStatement Resolve(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
object usedEvidence = null;
if (!PolicyManager.CheckMembershipCondition(base.MembershipCondition, evidence, out usedEvidence))
{
return null;
}
PolicyStatement policyStatement = base.PolicyStatement;
IDelayEvaluatedEvidence dependentEvidence = usedEvidence as IDelayEvaluatedEvidence;
if ((dependentEvidence != null) && !dependentEvidence.IsVerified)
{
policyStatement.AddDependentEvidence(dependentEvidence);
}
bool flag2 = false;
IEnumerator enumerator = base.Children.GetEnumerator();
while (enumerator.MoveNext() && !flag2)
{
PolicyStatement childPolicy = PolicyManager.ResolveCodeGroup(enumerator.Current as CodeGroup, evidence);
if (childPolicy != null)
{
policyStatement.InplaceUnion(childPolicy);
if ((childPolicy.Attributes & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
{
flag2 = true;
}
}
}
return policyStatement;
}
public static Evidence CreateEvidenceForUrl (string securityUrl)
{
Evidence e = new Evidence ();
if ((securityUrl != null) && (securityUrl.Length > 0)) {
try {
Url url = new Url (securityUrl);
e.AddHost (url);
} catch (ArgumentException) {
}
try {
Zone zone = Zone.CreateFromUrl (securityUrl);
e.AddHost (zone);
} catch (ArgumentException) {
}
try {
Site site = Site.CreateFromUrl (securityUrl);
e.AddHost (site);
} catch (ArgumentException) {
}
}
return e;
}
/// <summary>
/// Creates a new AppDomain based on the parent AppDomains
/// Evidence and AppDomainSetup
/// </summary>
/// <param name="parentDomain">The parent AppDomain</param>
/// <returns>A newly created AppDomain</returns>
private AppDomain BuildChildDomain(AppDomain parentDomain)
{
Evidence evidence = new Evidence(parentDomain.Evidence);
AppDomainSetup setup = parentDomain.SetupInformation;
return AppDomain.CreateDomain("DiscoveryRegion",
evidence, setup);
}
/// <summary>
/// Creates a new child domain and copies the evidence from a parent domain.
/// </summary>
/// <param name="parentDomain">The parent domain.</param>
/// <returns>The new child domain.</returns>
/// <remarks>
/// Grabs the <paramref name="parentDomain"/> evidence and uses it to construct the new
/// <see cref="AppDomain"/> because in a ClickOnce execution environment, creating an
/// <see cref="AppDomain"/> will by default pick up the partial trust environment of
/// the AppLaunch.exe, which was the root executable. The AppLaunch.exe does a
/// create domain and applies the evidence from the ClickOnce manifests to
/// create the domain that the application is actually executing in. This will
/// need to be Full Trust for Composite Application Library applications.
/// </remarks>
protected virtual AppDomain BuildChildDomain(AppDomain parentDomain)
{
Evidence evidence = new Evidence(parentDomain.Evidence);
AppDomainSetup setup = parentDomain.SetupInformation;
var domain = AppDomain.CreateDomain("DiscoveryRegion", evidence, setup);
return domain;
}
// Constructor.
internal BaseVsaEngine(String language, String version, bool supportDebug)
{
applicationPath = String.Empty;
assemblyVersion = version;
compiledRootNamespace = null;
engineMoniker = String.Empty;
engineName = String.Empty;
engineSite = null;
errorLocale = CultureInfo.CurrentCulture.LCID;
executionEvidence = null;
failedCompilation = false;
genDebugInfo = false;
haveCompiledState = false;
isClosed = false;
isDebugInfoSupported = supportDebug;
isEngineCompiled = false;
isEngineDirty = false;
isEngineInitialized = false;
isEngineRunning = false;
loadedAssembly = null;
rootNamespace = String.Empty;
scriptLanguage = language;
startupClass = null;
startupInstance = null;
vsaItems = null;
}
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence)
{
usedEvidence = null;
if (evidence == null)
return false;
ApplicationDirectory dir = evidence.GetHostEvidence<ApplicationDirectory>();
Url url = evidence.GetHostEvidence<Url>();
if (dir != null && url != null)
{
// We need to add a wildcard at the end because IsSubsetOf keys off of it.
String appDir = dir.Directory;
if (appDir != null && appDir.Length > 1)
{
if (appDir[appDir.Length-1] == '/')
appDir += "*";
else
appDir += "/*";
URLString appDirString = new URLString(appDir);
if (url.GetURLString().IsSubsetOf(appDirString))
{
usedEvidence = dir;
return true;
}
}
}
return false;
}
// Implement the IMembership interface.
public bool Check(Evidence evidence)
{
if(evidence == null)
{
return false;
}
IEnumerator e = evidence.GetHostEnumerator();
IEnumerator e2;
while(e.MoveNext())
{
ApplicationDirectory appDir =
(e.Current as ApplicationDirectory);
if(appDir != null)
{
e2 = evidence.GetHostEnumerator();
while(e2.MoveNext())
{
Url url = (e2.Current as Url);
if(url != null)
{
if(Match(url.parser, appDir.Directory))
{
return true;
}
}
}
}
}
return false;
}
protected override void Arrange()
{
base.Arrange();
var fullyTrustedAssemblies = this.GetFullyTrustedAssemblies().ToArray();
var unsignedAssemblies = fullyTrustedAssemblies.Where(sn => sn.PublicKey.ToString() == "");
if (unsignedAssemblies.Any())
{
Assert.Inconclusive("Full trust assemblies must be signed. This test will be ignored. Unsigned assemblies: " + unsignedAssemblies.Aggregate("", (a, sn) => a + sn.Name + " "));
}
var evidence = new Evidence();
evidence.AddHostEvidence(new Zone(SecurityZone.Intranet));
var set = SecurityManager.GetStandardSandbox(evidence);
this.AddPermissions(set);
this.appDomain =
AppDomain.CreateDomain(
"partial trust",
null,
AppDomain.CurrentDomain.SetupInformation,
set,
fullyTrustedAssemblies);
this.loggerProxy = ((LoggerProxy)this.appDomain.CreateInstanceAndUnwrap(typeof(LoggerProxy).Assembly.FullName, typeof(LoggerProxy).FullName));
this.loggerProxy.Setup();
}
/*!*/
private static PermissionSet CreatePermissionSet()
{
#if CLR2
string name = "Internet";
bool foundName = false;
PermissionSet setIntersection = new PermissionSet(PermissionState.Unrestricted);
// iterate over each policy level
IEnumerator e = SecurityManager.PolicyHierarchy();
while (e.MoveNext()) {
PolicyLevel level = (PolicyLevel)e.Current;
PermissionSet levelSet = level.GetNamedPermissionSet(name);
if (levelSet != null) {
foundName = true;
setIntersection = setIntersection.Intersect(levelSet);
}
}
if (setIntersection == null || !foundName) {
setIntersection = new PermissionSet(PermissionState.None);
} else {
setIntersection = new NamedPermissionSet(name, setIntersection);
}
return setIntersection;
#else
// this functionality is not available on Mono (AddHostEvidence is undefined), use dynamic to resolve it at runtime
dynamic e = new Evidence();
e.AddHostEvidence(new Zone(SecurityZone.Internet));
return SecurityManager.GetStandardSandbox((Evidence)e);
#endif
}
public override PolicyStatement Resolve (Evidence evidence)
{
if (null == evidence)
throw new ArgumentNullException("evidence");
if (!MembershipCondition.Check (evidence))
return null;
PermissionSet ps = null;
if (this.PolicyStatement == null)
ps = new PermissionSet (PermissionState.None);
else
ps = this.PolicyStatement.PermissionSet.Copy ();
if (this.Children.Count > 0) {
foreach (CodeGroup child_cg in this.Children) {
PolicyStatement child_pst = child_cg.Resolve (evidence);
if (child_pst != null) {
ps = ps.Union (child_pst.PermissionSet);
}
}
}
PolicyStatement pst = null;
if (this.PolicyStatement != null)
pst = this.PolicyStatement.Copy ();
else
pst = PolicyStatement.Empty ();
pst.PermissionSet = ps;
return pst;
}
public static AppDomain SandboxCreator()
{
CheckMono();
#if RAZOR4
Assert.Ignore("IsolatedRazorEngineServiceTestFixture is not tested with razor 4 as it is not signed!");
#endif
#if MONO
// Mono has no AddHostEvidence or GetHostEvidence.
// We do not run the tests anyway.
return null;
#else
Evidence ev = new Evidence();
ev.AddHostEvidence(new Zone(SecurityZone.Internet));
PermissionSet permSet = SecurityManager.GetStandardSandbox(ev);
// We have to load ourself with full trust
StrongName razorEngineAssembly = typeof(RazorEngineService).Assembly.Evidence.GetHostEvidence<StrongName>();
// We have to load Razor with full trust (so all methods are SecurityCritical)
// This is because we apply AllowPartiallyTrustedCallers to RazorEngine, because
// We need the untrusted (transparent) code to be able to inherit TemplateBase.
// Because in the normal environment/appdomain we run as full trust and the Razor assembly has no security attributes
// it will be completely SecurityCritical.
// This means we have to mark a lot of our members SecurityCritical (which is fine).
// However in the sandbox domain we have partial trust and because razor has no Security attributes that means the
// code will be transparent (this is where we get a lot of exceptions, because we now have different security attributes)
// To work around this we give Razor full trust in the sandbox as well.
StrongName razorAssembly = typeof(RazorTemplateEngine).Assembly.Evidence.GetHostEvidence<StrongName>();
// We trust ourself as well
StrongName testAssembly = typeof(IsolatedRazorEngineServiceTestFixture).Assembly.Evidence.GetHostEvidence<StrongName>();
AppDomainSetup adSetup = new AppDomainSetup();
adSetup.ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase;
AppDomain newDomain = AppDomain.CreateDomain("Sandbox", null, adSetup, permSet, razorEngineAssembly, razorAssembly, testAssembly);
return newDomain;
#endif
}
public override PolicyStatement Resolve(Evidence evidence) {
if (evidence == null)
throw new ArgumentNullException("evidence");
if (this.MembershipCondition.Check(evidence)) {
PolicyStatement thisPolicy = CalculateAssemblyPolicy(evidence);
IEnumerator enumerator = this.Children.GetEnumerator();
while (enumerator.MoveNext()) {
PolicyStatement childPolicy = ((CodeGroup)enumerator.Current).Resolve(evidence);
if (childPolicy != null) {
if (((thisPolicy.Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
throw new PolicyException(Environment.GetResourceString("Policy_MultipleExclusive"));
thisPolicy.GetPermissionSetNoCopy().InplaceUnion(childPolicy.GetPermissionSetNoCopy());
thisPolicy.Attributes = thisPolicy.Attributes | childPolicy.Attributes;
}
}
return thisPolicy;
}
else {
return null;
}
}
// Methods
public bool Check (Evidence evidence)
{
if (evidence == null)
return false;
string codebase = Assembly.GetCallingAssembly ().CodeBase;
Uri local = new Uri (codebase);
Url ucode = new Url (codebase);
// *both* ApplicationDirectory and Url must be in *Host* evidences
bool adir = false;
bool url = false;
IEnumerator e = evidence.GetHostEnumerator ();
while (e.MoveNext ()) {
object o = e.Current;
if (!adir && (o is ApplicationDirectory)) {
ApplicationDirectory ad = (o as ApplicationDirectory);
string s = ad.Directory;
adir = (String.Compare (s, 0, local.ToString (), 0, s.Length, true, CultureInfo.InvariantCulture) == 0);
}
else if (!url && (o is Url)) {
url = ucode.Equals (o);
}
// got both ?
if (adir && url)
return true;
}
return false;
}
internal BaseVsaEngine(string language, string version, bool supportDebug)
{
this.scriptLanguage = language;
this.assemblyVersion = version;
this.isDebugInfoSupported = supportDebug;
this.executionEvidence = null;
}
/// <summary>
/// Starts this instance.
/// </summary>
/// <exception cref="System.InvalidOperationException">Job already started.</exception>
public static void Start()
{
if (_job != null)
throw new InvalidOperationException("Job already started.");
var evidence = new Evidence(AppDomain.CurrentDomain.Evidence);
var setup = new AppDomainSetup
{
ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase,
ShadowCopyFiles = "false"
};
_appDomain = AppDomain.CreateDomain("eSync-" + Guid.NewGuid(), evidence, setup);
try
{
var assembly = _appDomain.Load(typeof(SyncServiceJob).Assembly.GetName());
var jobTypeName = typeof(SyncServiceJob).FullName;
_job = (IJob)_appDomain.CreateInstanceAndUnwrap(assembly.FullName, jobTypeName);
_job.Start();
}
catch
{
_job = null;
AppDomain.Unload(_appDomain);
_appDomain = null;
throw;
}
}
static void Main(string[] args)
{
object[] hostEvidence = { new Zone(SecurityZone.MyComputer) };
Evidence internetEvidence = new Evidence(hostEvidence, null);
AppDomain myDomain = AppDomain.CreateDomain("MyDomain");
myDomain.ExecuteAssembly("SecondAssembly.exe", internetEvidence);
AppDomainSetup setup = new AppDomainSetup();
Console.WriteLine(setup.ToString());
Console.WriteLine(typeof(object));
objectArrayTest(new object[] { "Hello", "World"});
AppDomainSetup ads = new AppDomainSetup();
ads.ApplicationBase = "file://" + Environment.CurrentDirectory;
ads.DisallowBindingRedirects = false;
ads.DisallowCodeDownload = true;
ads.ConfigurationFile = AppDomain.CurrentDomain.SetupInformation.ConfigurationFile;
AppDomain b = AppDomain.CreateDomain("New Domain", null, ads);
ads = AppDomain.CurrentDomain.SetupInformation;
Console.WriteLine("ApplicationBase: " + ads.ApplicationBase);
Console.WriteLine("ApplicationName: " + ads.ApplicationName);
Console.WriteLine("DisallowCodeDownload: " + ads.DisallowCodeDownload);
Console.WriteLine("DisallowBindingRedirects: " + ads.DisallowBindingRedirects);
}
public static Evidence CreateEvidenceForUrl(string securityUrl) {
#if !DISABLE_CAS_USE
Evidence evidence = new Evidence();
if (securityUrl != null && securityUrl.Length > 0) {
evidence.AddHostEvidence(new Url(securityUrl));
evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl));
Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute);
if (uri.IsAbsoluteUri && !uri.IsFile) {
evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl));
}
// Allow same directory access for UNCs (SQLBUDT 394535)
if (uri.IsAbsoluteUri && uri.IsUnc) {
string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath);
if (uncDir != null && uncDir.Length != 0) {
evidence.AddHostEvidence(new UncDirectory(uncDir));
}
}
}
return evidence;
#else
return null;
#endif
}
public RemoteDebugger()
{
// Create a new debugger session
mSessionId = Guid.NewGuid().ToString();
Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence);
AppDomainSetup appDomainSetup = AppDomain.CurrentDomain.SetupInformation;
mAppDomain = AppDomain.CreateDomain(String.Format("Debugger-{0}", mSessionId), evidence, appDomainSetup);
/*
Type assemblyLoaderType = typeof(AssemblyLoader);
AssemblyLoader loader = mAppDomain.CreateInstanceAndUnwrap(assemblyLoaderType.Assembly.GetName().Name, assemblyLoaderType.FullName) as AssemblyLoader;
foreach (String assemblyPath in Directory.GetFiles(DebuggerConfig.ApplicationPath, "Tridion*.dll"))
{
loader.LoadAssembly(assemblyPath);
}
*/
Type debuggerHostType = typeof(DebugEngineServer);
mDebuggerHost = mAppDomain.CreateInstanceAndUnwrap(
debuggerHostType.Assembly.GetName().Name,
debuggerHostType.FullName,
true,
BindingFlags.Default,
null,
new Object[] { mSessionId },
null,
null) as DebugEngineServer;
}
/// <summary>
/// Creates a new child domain and copies the evidence from a parent domain.
/// </summary>
/// <param name="parentDomain">The parent domain.</param>
/// <returns>The new child domain.</returns>
/// <remarks>
/// Grabs the <paramref name="parentDomain"/> evidence and uses it to construct the new
/// <see cref="AppDomain"/> because in a ClickOnce execution environment, creating an
/// <see cref="AppDomain"/> will by default pick up the partial trust environment of
/// the AppLaunch.exe, which was the root executable. The AppLaunch.exe does a
/// create domain and applies the evidence from the ClickOnce manifests to
/// create the domain that the application is actually executing in. This will
/// need to be Full Trust for Composite Application Library applications.
/// </remarks>
public static AppDomain BuildChildDomain(AppDomain parentDomain)
{
if (parentDomain == null) throw new ArgumentNullException("parentDomain");
var evidence = new Evidence(parentDomain.Evidence);
AppDomainSetup setup = parentDomain.SetupInformation;
return AppDomain.CreateDomain("DiscoveryRegion", evidence, setup);
}
private Result compile(Input input)
{
Compiler compiler;
Result r;
System.AppDomain unitDomain = null;
try
{
Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence);
AppDomainSetup setup = AppDomain.CurrentDomain.SetupInformation;
unitDomain = AppDomain.CreateDomain("uTestDomain", evidence, setup);
Type type = typeof(Compiler);
compiler = (Compiler)unitDomain.CreateInstanceFrom(
type.Assembly.Location,
type.FullName).Unwrap();
foreach (string s in GetAssemblies(Assembly.GetExecutingAssembly()))
{
compiler.LoadAssembly(s);
}
r = compiler.Compile(input);
}
finally
{
if (unitDomain != null) System.AppDomain.Unload(unitDomain);
}
return r;
}
protected static ObjectHandle CreateInstanceHelper (AppDomainSetup adSetup)
{
if (adSetup == null)
throw new ArgumentNullException ("adSetup");
if (adSetup.ActivationArguments == null) {
string msg = Locale.GetText ("{0} is missing it's {1} property");
throw new ArgumentException (String.Format (msg, "AppDomainSetup", "ActivationArguments"), "adSetup");
}
HostSecurityManager hsm = null;
if (AppDomain.CurrentDomain.DomainManager != null)
hsm = AppDomain.CurrentDomain.DomainManager.HostSecurityManager;
else
hsm = new HostSecurityManager (); // default
Evidence applicationEvidence = new Evidence ();
applicationEvidence.AddHost (adSetup.ActivationArguments);
TrustManagerContext context = new TrustManagerContext ();
ApplicationTrust trust = hsm.DetermineApplicationTrust (applicationEvidence, null, context);
if (!trust.IsApplicationTrustedToRun) {
string msg = Locale.GetText ("Current policy doesn't allow execution of addin.");
throw new PolicyException (msg);
}
// FIXME: we're missing the information from the manifest
AppDomain ad = AppDomain.CreateDomain ("friendlyName", null, adSetup);
return ad.CreateInstance ("assemblyName", "typeName", null);
}
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence)
{
usedEvidence = null;
if (evidence != null)
{
ApplicationDirectory hostEvidence = evidence.GetHostEvidence<ApplicationDirectory>();
Url url = evidence.GetHostEvidence<Url>();
if ((hostEvidence != null) && (url != null))
{
string directory = hostEvidence.Directory;
if ((directory != null) && (directory.Length > 1))
{
if (directory[directory.Length - 1] == '/')
{
directory = directory + "*";
}
else
{
directory = directory + "/*";
}
URLString operand = new URLString(directory);
if (url.GetURLString().IsSubsetOf(operand))
{
usedEvidence = hostEvidence;
return true;
}
}
}
}
return false;
}
public void Check ()
{
ApplicationDirectoryMembershipCondition ad = new ApplicationDirectoryMembershipCondition ();
Evidence e = null;
Assert.IsFalse (ad.Check (e), "Check (null)");
e = new Evidence ();
Assert.IsFalse (ad.Check (e), "Check (empty)");
e.AddHost (new Zone (SecurityZone.MyComputer));
Assert.IsFalse (ad.Check (e), "Check (zone)");
string codebase = Assembly.GetExecutingAssembly ().CodeBase;
Url u = new Url (codebase);
ApplicationDirectory adir = new ApplicationDirectory (codebase);
e.AddHost (u);
Assert.IsFalse (ad.Check (e), "Check (url-host)"); // not enough
e.AddAssembly (adir);
Assert.IsFalse (ad.Check (e), "Check (url-host+adir-assembly)");
e = new Evidence ();
e.AddHost (adir);
Assert.IsFalse (ad.Check (e), "Check (adir-host)"); // not enough
e.AddAssembly (u);
Assert.IsFalse (ad.Check (e), "Check (url-assembly+adir-host)");
e = new Evidence ();
e.AddHost (u);
e.AddHost (adir);
Assert.IsTrue (ad.Check (e), "Check (url+adir host)"); // both!!
}
internal BaseVsaEngine(string language, string version, bool supportDebug)
{
this.scriptLanguage = language;
this.assemblyVersion = version;
this.isDebugInfoSupported = supportDebug;
this.executionEvidence = null;
}
public virtual ApplicationTrust DetermineApplicationTrust (Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
{
if (applicationEvidence == null)
throw new ArgumentNullException ("applicationEvidence");
ActivationArguments aa = null;
foreach (object o in applicationEvidence) {
aa = (o as ActivationArguments);
if (aa != null)
break;
}
if (aa == null) {
string msg = Locale.GetText ("No {0} found in {1}.");
throw new ArgumentException (string.Format (msg, "ActivationArguments", "Evidence"), "applicationEvidence");
}
if (aa.ActivationContext == null) {
string msg = Locale.GetText ("No {0} found in {1}.");
throw new ArgumentException (string.Format (msg, "ActivationContext", "ActivationArguments"), "applicationEvidence");
}
// FIXME: this part is still untested (requires manifest support)
if (ApplicationSecurityManager.DetermineApplicationTrust (aa.ActivationContext, context)) {
if (aa.ApplicationIdentity == null)
return new ApplicationTrust ();
else
return new ApplicationTrust (aa.ApplicationIdentity);
}
return null;
}
public EvidenceBase GenerateEvidence(Type evidenceType)
{
if (!this.m_targetDomain.IsDefaultAppDomain())
{
return AppDomain.GetDefaultDomain().GetHostEvidence(evidenceType);
}
if (this.m_entryPointEvidence == null)
{
Assembly entryAssembly = Assembly.GetEntryAssembly();
RuntimeAssembly assembly2 = entryAssembly as RuntimeAssembly;
if (assembly2 != null)
{
this.m_entryPointEvidence = assembly2.EvidenceNoDemand.Clone();
}
else if (entryAssembly != null)
{
this.m_entryPointEvidence = entryAssembly.Evidence;
}
}
if (this.m_entryPointEvidence == null)
{
return null;
}
return this.m_entryPointEvidence.GetHostEvidence(evidenceType);
}
/// <summary>
/// Construct an application domain for running a test package
/// </summary>
/// <param name="package">The TestPackage to be run</param>
public AppDomain CreateDomain( TestPackage package )
{
AppDomainSetup setup = CreateAppDomainSetup(package);
string domainName = "test-domain-" + package.Name;
// Setup the Evidence
Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence);
if (evidence.Count == 0)
{
Zone zone = new Zone(SecurityZone.MyComputer);
evidence.AddHost(zone);
Assembly assembly = Assembly.GetExecutingAssembly();
Url url = new Url(assembly.CodeBase);
evidence.AddHost(url);
Hash hash = new Hash(assembly);
evidence.AddHost(hash);
}
log.Info("Creating AppDomain " + domainName);
AppDomain runnerDomain = AppDomain.CreateDomain(domainName, evidence, setup);
// Set PrincipalPolicy for the domain if called for in the settings
if (_settingsService != null && _settingsService.GetSetting("Options.TestLoader.SetPrincipalPolicy", false))
{
runnerDomain.SetPrincipalPolicy(_settingsService.GetSetting(
"Options.TestLoader.PrincipalPolicy",
PrincipalPolicy.UnauthenticatedPrincipal));
}
return runnerDomain;
}
public MSXslScript (XPathNavigator nav, Evidence evidence)
{
this.evidence = evidence;
code = nav.Value;
if (nav.MoveToFirstAttribute ()) {
do {
switch (nav.LocalName) {
case "language":
switch (nav.Value.ToLower (CultureInfo.InvariantCulture)) {
case "jscript":
case "javascript":
language = ScriptingLanguage.JScript; break;
case "vb":
case "visualbasic":
language = ScriptingLanguage.VisualBasic;
break;
case "c#":
case "csharp":
language = ScriptingLanguage.CSharp;
break;
default:
throw new XsltException ("Invalid scripting language!", null);
}
break;
case "implements-prefix":
implementsPrefix = nav.Value;
break;
}
} while (nav.MoveToNextAttribute ());
nav.MoveToParent ();
}
if (implementsPrefix == null)
throw new XsltException ("need implements-prefix attr", null);
}
public static Assembly LoadFile(string path, System.Security.Policy.Evidence securityEvidence)
{
if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
}
new FileIOPermission(FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read, path).Demand();
return(RuntimeAssembly.nLoadFile(path, securityEvidence));
}
public static void Main()//Main_11_2_1
{
//获取当前程序集的证据
System.Security.Policy.Evidence e = Assembly.GetExecutingAssembly().Evidence;
//枚举程序集具有的所有证据
IEnumerator enumerator = e.GetHostEnumerator();
while (enumerator.MoveNext())
{
Console.WriteLine(enumerator.Current);
}
}
public static Assembly Load(byte[] rawAssembly, byte[] rawSymbolStore, System.Security.Policy.Evidence securityEvidence)
{
if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
Zone hostEvidence = securityEvidence.GetHostEvidence <Zone>();
if ((hostEvidence == null) || (hostEvidence.SecurityZone != SecurityZone.MyComputer))
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
}
}
StackCrawlMark lookForMyCaller = StackCrawlMark.LookForMyCaller;
return(RuntimeAssembly.nLoadImage(rawAssembly, rawSymbolStore, securityEvidence, ref lookForMyCaller, false, SecurityContextSource.CurrentAssembly));
}
internal static RuntimeAssembly InternalLoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence, byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, bool forIntrospection, bool suppressSecurityChecks, ref StackCrawlMark stackMark)
{
if (assemblyFile == null)
{
throw new ArgumentNullException("assemblyFile");
}
if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
}
AssemblyName assemblyRef = new AssemblyName {
CodeBase = assemblyFile
};
assemblyRef.SetHashControl(hashValue, hashAlgorithm);
return(InternalLoadAssemblyName(assemblyRef, securityEvidence, ref stackMark, forIntrospection, suppressSecurityChecks));
}
internal static RuntimeAssembly InternalLoad(string assemblyString, System.Security.Policy.Evidence assemblySecurity, ref StackCrawlMark stackMark, bool forIntrospection)
{
if (assemblyString == null)
{
throw new ArgumentNullException("assemblyString");
}
if ((assemblyString.Length == 0) || (assemblyString[0] == '\0'))
{
throw new ArgumentException(Environment.GetResourceString("Format_StringZeroLength"));
}
AssemblyName assemblyRef = new AssemblyName();
RuntimeAssembly assembly = null;
assemblyRef.Name = assemblyString;
if (assemblyRef.nInit(out assembly, forIntrospection, true) == -2146234297)
{
return(assembly);
}
return(InternalLoadAssemblyName(assemblyRef, assemblySecurity, ref stackMark, forIntrospection, false));
}
internal static RuntimeAssembly LoadWithPartialNameInternal(AssemblyName an, System.Security.Policy.Evidence securityEvidence, ref StackCrawlMark stackMark)
{
if (securityEvidence != null)
{
if (!AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit"));
}
new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand();
}
RuntimeAssembly assembly = null;
try
{
assembly = nLoad(an, null, securityEvidence, null, ref stackMark, true, false, false);
}
catch (Exception exception)
{
if (exception.IsTransient)
{
throw exception;
}
if (IsUserError(exception))
{
throw;
}
if (IsSimplyNamed(an))
{
return(null);
}
AssemblyName assemblyRef = EnumerateCache(an);
if (assemblyRef != null)
{
return(InternalLoadAssemblyName(assemblyRef, securityEvidence, ref stackMark, false, false));
}
}
return(assembly);
}
private static ObjectHandle CreateInstanceFromInternal(String assemblyFile,
String typeName,
bool ignoreCase,
Reflection.BindingFlags bindingAttr,
Reflection.Binder binder,
Object[] args,
Globalization.CultureInfo culture,
Object[] activationAttributes,
Security.Policy.Evidence securityInfo)
{
#if FEATURE_CAS_POLICY
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled || securityInfo == null);
#endif // FEATURE_CAS_POLICY
#pragma warning disable 618
Reflection.Assembly assembly = Reflection.Assembly.LoadFrom(assemblyFile); //, securityInfo);
#pragma warning restore 618
Type t = assembly.GetType(typeName, true, ignoreCase);
Object o = Activator.CreateInstance(t,
bindingAttr,
binder,
args,
culture,
activationAttributes);
// Log(o != null, "CreateInstanceFrom:: ", "Created Instance of class " + typeName, "Failed to create instance of class " + typeName);
if (o == null)
{
return(null);
}
else
{
ObjectHandle Handle = new ObjectHandle(o);
return(Handle);
}
}
public bool Check(Evidence evidence)
{
object usedEvidence = null;
return((this as IReportMatchMembershipCondition).Check(evidence, out usedEvidence));
}
public static Assembly LoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence)
{
return(default(Assembly));
}
public static Assembly LoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence, Byte[] hashValue, System.Configuration.Assemblies.AssemblyHashAlgorithm hashAlgorithm)
{
return(default(Assembly));
}
public static Assembly Load(string assemblyString, System.Security.Policy.Evidence assemblySecurity)
{
return(default(Assembly));
}
public static PermissionSet ResolveSystemPolicy(System.Security.Policy.Evidence evidence)
{
return(default(PermissionSet));
}
/// <summary>Creates an identity permission that corresponds to the current <see cref="T:System.Security.Policy.Site" />.</summary>
/// <returns>A <see cref="T:System.Security.Permissions.SiteIdentityPermission" /> for the specified <see cref="T:System.Security.Policy.Site" />.</returns>
/// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> from which to construct the identity permission. </param>
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(new SiteIdentityPermission(this.origin_site));
}
public PolicyStatement Resolve(Evidence !evidence)
{
CodeContract.Requires(evidence != null);
return(default(PolicyStatement));
}
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence)
{
usedEvidence = null;
return(true);
}
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(new StrongNameIdentityPermission(m_publicKeyBlob, m_name, m_version));
}
// Implement the IIdentityPermissionFactory interface
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(new PublisherIdentityPermission(cert));
}
public void Merge(Evidence evidence)
{
}
public Evidence(Evidence evidence)
{
}
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(default(IPermission));
}
/// <summary>Creates a new identity permission that corresponds to the current object.</summary>
/// <returns>A new <see cref="T:System.Security.Permissions.GacIdentityPermission" />.</returns>
/// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> from which to construct the identity permission. </param>
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(new GacIdentityPermission());
}
public IPermission CreateIdentityPermission(Evidence evidence)
{
return(new ZoneIdentityPermission(zone));
}
public static PermissionSet ResolvePolicy(System.Security.Policy.Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied)
{
denied = default(System.Security.PermissionSet); return(default(PermissionSet));
}
public CodeGroup ResolveMatchingCodeGroups(Evidence !evidence)
{
CodeContract.Requires(evidence != null);
return(default(CodeGroup));
}
public static Assembly Load(AssemblyName assemblyRef, System.Security.Policy.Evidence assemblySecurity)
{
return(default(Assembly));
}
public static Assembly Load(Byte[] rawAssembly, Byte[] rawSymbolStore, System.Security.Policy.Evidence securityEvidence)
{
Contract.Ensures(Contract.Result <Assembly>() != null);
return(default(Assembly));
}
public static IEnumerator ResolvePolicyGroups(System.Security.Policy.Evidence evidence)
{
return(default(IEnumerator));
}
protected override void ProcessRecord()
{
if (MyInvocation.InvocationName.ToLower() == "save-pnpprovisioninghierarchy")
{
WriteWarning("Save-PnPProvisioningHierarchy has been deprecated. Use Save-PnPTenantTemplate instead.");
}
// Determine the output file name and path
string outFileName = Path.GetFileName(Out);
if (!Path.IsPathRooted(Out))
{
Out = Path.Combine(SessionState.Path.CurrentFileSystemLocation.Path, Out);
}
bool proceed = false;
if (System.IO.File.Exists(Out))
{
if (Force || ShouldContinue(string.Format(Properties.Resources.File0ExistsOverwrite, Out),
Properties.Resources.Confirm))
{
System.IO.File.Delete(Out);
proceed = true;
}
}
else
{
proceed = true;
}
string outPath = new FileInfo(Out).DirectoryName;
// Determine if it is an .XML or a .PNP file
var extension = "";
if (proceed && outFileName != null)
{
if (outFileName.IndexOf(".", StringComparison.Ordinal) > -1)
{
extension = outFileName.Substring(outFileName.LastIndexOf(".", StringComparison.Ordinal)).ToLower();
}
else
{
extension = ".pnp";
}
}
var fileSystemConnector = new FileSystemConnector(outPath, "");
ITemplateFormatter formatter = XMLPnPSchemaFormatter.LatestFormatter;
if (extension == ".pnp")
{
var useNewEvidence = false;
try
{
var usfdAttempt1 = System.IO.IsolatedStorage.IsolatedStorageFile.GetUserStoreForDomain(); // this will fail when the current AppDomain Evidence is instantiated via COM or in PowerShell
}
catch (Exception e)
{
useNewEvidence = true;
}
if (useNewEvidence)
{
var replacementEvidence = new System.Security.Policy.Evidence();
replacementEvidence.AddHostEvidence(new System.Security.Policy.Zone(System.Security.SecurityZone.MyComputer));
var currentAppDomain = System.Threading.Thread.GetDomain();
var securityIdentityField = currentAppDomain.GetType().GetField("_SecurityIdentity", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);
securityIdentityField.SetValue(currentAppDomain, replacementEvidence);
}
var templateFileName = outFileName.Substring(0, outFileName.LastIndexOf(".", StringComparison.Ordinal)) + ".xml";
XMLTemplateProvider provider = new XMLOpenXMLTemplateProvider(
Out, fileSystemConnector, templateFileName: templateFileName);
WriteObject("Processing template");
provider.SaveAs(Template, templateFileName);
ProcessFiles(Out, fileSystemConnector, provider.Connector);
}
else
{
XMLTemplateProvider provider = new XMLFileSystemTemplateProvider(outPath, "");
provider.SaveAs(Template, Out);
}
}
public static Assembly LoadWithPartialName(string partialName, System.Security.Policy.Evidence securityEvidence)
{
return(default(Assembly));
}
