static void Save (string filename, PermissionSet ps) { using (StreamWriter sw = new StreamWriter (filename)) { sw.WriteLine (ps.ToXml ().ToString ()); sw.Close (); } }
public static void PermissionRequestEvidenceCallMethods() { PermissionSet ps = new PermissionSet(new PermissionState()); PermissionRequestEvidence pre = new PermissionRequestEvidence(ps, ps, ps); PermissionRequestEvidence obj = pre.Copy(); string str = ps.ToString(); SecurityElement se = new SecurityElement(""); ps.FromXml(se); se = ps.ToXml(); }
public static void PermissionSetCallMethods() { PermissionSet ps = new PermissionSet(new PermissionState()); ps.Assert(); bool containspermissions = ps.ContainsNonCodeAccessPermissions(); PermissionSet ps2 = ps.Copy(); ps.CopyTo(new int[1], 0); ps.Demand(); ps.Equals(ps2); System.Collections.IEnumerator ie = ps.GetEnumerator(); int hash = ps.GetHashCode(); PermissionSet ps3 = ps.Intersect(ps2); bool isempty = ps.IsEmpty(); bool issubsetof = ps.IsSubsetOf(ps2); bool isunrestricted = ps.IsUnrestricted(); string s = ps.ToString(); PermissionSet ps4 = ps.Union(ps2); SecurityElement se = new SecurityElement(""); ps.FromXml(se); se = ps.ToXml(); }
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset) { #if !NET_2_1 if (pset == null) { throw new ArgumentNullException("pset"); } if ((action == SecurityAction.RequestMinimum) || (action == SecurityAction.RequestOptional) || (action == SecurityAction.RequestRefuse)) { throw new ArgumentOutOfRangeException("Request* values are not permitted", "action"); } RejectIfCreated(); if (permissions != null) { /* Check duplicate actions */ foreach (RefEmitPermissionSet set in permissions) { if (set.action == action) { throw new InvalidOperationException("Multiple permission sets specified with the same SecurityAction."); } } RefEmitPermissionSet[] new_array = new RefEmitPermissionSet [permissions.Length + 1]; permissions.CopyTo(new_array, 0); permissions = new_array; } else { permissions = new RefEmitPermissionSet [1]; } permissions [permissions.Length - 1] = new RefEmitPermissionSet(action, pset.ToXml().ToString()); attrs |= MethodAttributes.HasSecurity; #endif }
internal void AddPermissionRequests(PermissionSet required, PermissionSet optional, PermissionSet refused) { #if !NET_2_1 if (created) { throw new InvalidOperationException("Assembly was already saved."); } // required for base Assembly class (so the permissions // can be used even if the assembly isn't saved to disk) _minimum = required; _optional = optional; _refuse = refused; // required to reuse AddDeclarativeSecurity support // already present in the runtime if (required != null) { permissions_minimum = new RefEmitPermissionSet [1]; permissions_minimum [0] = new RefEmitPermissionSet( SecurityAction.RequestMinimum, required.ToXml().ToString()); } if (optional != null) { permissions_optional = new RefEmitPermissionSet [1]; permissions_optional [0] = new RefEmitPermissionSet( SecurityAction.RequestOptional, optional.ToXml().ToString()); } if (refused != null) { permissions_refused = new RefEmitPermissionSet [1]; permissions_refused [0] = new RefEmitPermissionSet( SecurityAction.RequestRefuse, refused.ToXml().ToString()); } #endif }
[System.Security.SecurityCritical] // auto-generated internal SecurityElement ToXml(PolicyLevel level, String policyClassName) { if (m_membershipCondition == null && m_element != null) { ParseMembershipCondition(); } if (m_children == null) { ParseChildren(); } if (m_policy == null && m_element != null) { ParsePolicy(); } SecurityElement e = new SecurityElement("CodeGroup"); System.Security.Util.XMLUtil.AddClassAttribute(e, this.GetType(), policyClassName); // If you hit this assert then most likely you are trying to change the name of this class. // This is ok as long as you change the hard coded string above and change the assert below. Contract.Assert(this.GetType().FullName.Equals(policyClassName), "Incorrect class name passed in! Was: " + policyClassName + " Should be " + this.GetType().FullName); e.AddAttribute("version", "1"); e.AddChild(m_membershipCondition.ToXml(level)); // Grab the inerts of the policy statement's xml and just stick it // into the code group xml directly. We do this to hide the policy statement from // users in the config file. if (m_policy != null) { PermissionSet permSet = m_policy.GetPermissionSetNoCopy(); NamedPermissionSet namedPermSet = permSet as NamedPermissionSet; if (namedPermSet != null && level != null && level.GetNamedPermissionSetInternal(namedPermSet.Name) != null) { e.AddAttribute("PermissionSetName", namedPermSet.Name); } else { if (!permSet.IsEmpty()) { e.AddChild(permSet.ToXml()); } } if (m_policy.Attributes != PolicyStatementAttribute.Nothing) { e.AddAttribute("Attributes", XMLUtil.BitFieldEnumToString(typeof(PolicyStatementAttribute), m_policy.Attributes)); } } if (m_children.Count > 0) { lock (this) { IEnumerator enumerator = m_children.GetEnumerator(); while (enumerator.MoveNext()) { e.AddChild(((CodeGroup)enumerator.Current).ToXml(level)); } } } if (m_name != null) { e.AddAttribute("Name", SecurityElement.Escape(m_name)); } if (m_description != null) { e.AddAttribute("Description", SecurityElement.Escape(m_description)); } CreateXml(e, level); return(e); }
// -rsp assemblyname // -resolveperm assemblyname static bool ResolvePermissions(string assemblyname) { Evidence ev = GetAssemblyEvidences(assemblyname); if (ev == null) { return(false); } PermissionSet ps = null; Console.WriteLine(); if (policyLevelDefault) { // different "default" here IEnumerator e = SecurityManager.PolicyHierarchy(); while (e.MoveNext()) { PolicyLevel pl = (PolicyLevel)e.Current; Console.WriteLine("Resolving {0} level", pl.Label); if (ps == null) { ps = pl.Resolve(ev).PermissionSet; } else { ps = ps.Intersect(pl.Resolve(ev).PermissionSet); } } } else { // use the user specified levels foreach (PolicyLevel pl in Levels) { Console.WriteLine("Resolving {0} level", pl.Label); if (ps == null) { ps = pl.Resolve(ev).PermissionSet; } else { ps = ps.Intersect(pl.Resolve(ev).PermissionSet); } } } if (ps == null) { return(false); } IEnumerator ee = ev.GetHostEnumerator(); while (ee.MoveNext()) { IIdentityPermissionFactory ipf = (ee.Current as IIdentityPermissionFactory); if (ipf != null) { IPermission p = ipf.CreateIdentityPermission(ev); ps.AddPermission(p); } } Console.WriteLine("{0}Grant:{0}{1}", Environment.NewLine, ps.ToXml().ToString()); return(true); }
public static SecurityDeclaration ToSecurityDeclaration(this PermissionSet self, Mono.Cecil.SecurityAction action, ModuleDefinition module) { if (self == null) { throw new ArgumentNullException("self"); } if (module == null) { throw new ArgumentNullException("module"); } SecurityDeclaration securityDeclaration = new SecurityDeclaration(action); Mono.Cecil.SecurityAttribute securityAttribute = new Mono.Cecil.SecurityAttribute(module.TypeSystem.LookupType("System.Security.Permissions", "PermissionSetAttribute")); securityAttribute.Properties.Add(new Mono.Cecil.CustomAttributeNamedArgument("XML", new CustomAttributeArgument(module.TypeSystem.String, self.ToXml().ToString()))); securityDeclaration.SecurityAttributes.Add(securityAttribute); return(securityDeclaration); }
/// <include file='doc\CodeGroup.uex' path='docs/doc[@for="CodeGroup.ToXml1"]/*' /> public SecurityElement ToXml(PolicyLevel level) { if (m_membershipCondition == null && m_element != null) { ParseMembershipCondition(); } if (m_children == null) { ParseChildren(); } if (m_policy == null && m_element != null) { ParsePolicy(); } SecurityElement e = new SecurityElement("CodeGroup"); System.Security.Util.XMLUtil.AddClassAttribute(e, this.GetType()); e.AddAttribute("version", "1"); e.AddChild(m_membershipCondition.ToXml(level)); // Grab the inerts of the policy statement's xml and just stick it // into the code group xml directly. We do this to hide the policy statement from // users in the config file. if (m_policy != null) { PermissionSet permSet = m_policy.GetPermissionSetNoCopy(); NamedPermissionSet namedPermSet = permSet as NamedPermissionSet; if (namedPermSet != null && level != null && level.GetNamedPermissionSetInternal(namedPermSet.Name) != null) { e.AddAttribute("PermissionSetName", namedPermSet.Name); } else { if (!permSet.IsEmpty()) { e.AddChild(permSet.ToXml()); } } if (m_policy.Attributes != PolicyStatementAttribute.Nothing) { e.AddAttribute("Attributes", XMLUtil.BitFieldEnumToString(typeof(PolicyStatementAttribute), m_policy.Attributes)); } } if (m_children.Count > 0) { lock (this) { IEnumerator enumerator = m_children.GetEnumerator(); while (enumerator.MoveNext()) { e.AddChild(((CodeGroup)enumerator.Current).ToXml(level)); } } } if (m_name != null) { e.AddAttribute("Name", SecurityElement.Escape(m_name)); } if (m_description != null) { e.AddAttribute("Description", SecurityElement.Escape(m_description)); } CreateXml(e, level); return(e); }
public static void PermissionSetDemo() { Console.WriteLine("Executing PermissionSetDemo"); try { //<Snippet2> // Open a new PermissionSet. PermissionSet ps1 = new PermissionSet(PermissionState.None); Console.WriteLine("Adding permission to open a file from a file dialog box."); //<Snippet3> // Add a permission to the permission set. ps1.AddPermission( new FileDialogPermission(FileDialogPermissionAccess.Open)); //</Snippet3> Console.WriteLine("Demanding permission to open a file."); ps1.Demand(); Console.WriteLine("Demand succeeded."); //</Snippet2> Console.WriteLine("Adding permission to save a file from a file dialog box."); ps1.AddPermission( new FileDialogPermission(FileDialogPermissionAccess.Save)); Console.WriteLine("Demanding permission to open and save a file."); ps1.Demand(); Console.WriteLine("Demand succeeded."); Console.WriteLine("Adding permission to read environment variable USERNAME."); ps1.AddPermission( new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME")); ps1.Demand(); Console.WriteLine("Demand succeeded."); Console.WriteLine("Adding permission to read environment variable COMPUTERNAME."); ps1.AddPermission( new EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME")); //<Snippet4> // Demand all the permissions in the set. Console.WriteLine("Demand all permissions."); ps1.Demand(); //</Snippet4> Console.WriteLine("Demand succeeded."); //<Snippet5> // Display the number of permissions in the set. Console.WriteLine("Number of permissions = " + ps1.Count); //</Snippet5> //<Snippet6> // Display the value of the IsSynchronized property. Console.WriteLine("IsSynchronized property = " + ps1.IsSynchronized); //</Snippet6> //<Snippet7> // Display the value of the IsReadOnly property. Console.WriteLine("IsReadOnly property = " + ps1.IsReadOnly); //</Snippet7> //<Snippet8> // Display the value of the SyncRoot property. Console.WriteLine("SyncRoot property = " + ps1.SyncRoot); //</Snippet8> //<Snippet9> // Display the result of a call to the ContainsNonCodeAccessPermissions method. // Gets a value indicating whether the PermissionSet contains permissions // that are not derived from CodeAccessPermission. // Returns true if the PermissionSet contains permissions that are not // derived from CodeAccessPermission; otherwise, false. Console.WriteLine("ContainsNonCodeAccessPermissions method returned " + ps1.ContainsNonCodeAccessPermissions()); //</Snippet9> //<Snippet10> Console.WriteLine("Value of the permission set ToString = \n" + ps1.ToString()); //</Snippet10> PermissionSet ps2 = new PermissionSet(PermissionState.None); //<Snippet11> // Create a second permission set and compare it to the first permission set. ps2.AddPermission( new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME")); ps2.AddPermission( new EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME")); IEnumerator list = ps1.GetEnumerator(); Console.WriteLine("Permissions in first permission set:"); while (list.MoveNext()) { Console.WriteLine(list.Current.ToString()); } Console.WriteLine("Second permission IsSubsetOf first permission = " + ps2.IsSubsetOf(ps1)); //</Snippet11> //<Snippet12> // Display the intersection of two permission sets. PermissionSet ps3 = ps2.Intersect(ps1); Console.WriteLine("The intersection of the first permission set and " + "the second permission set = " + ps3.ToString()); //</Snippet12> // Create a new permission set. PermissionSet ps4 = new PermissionSet(PermissionState.None); ps4.AddPermission( new FileIOPermission(FileIOPermissionAccess.Read, "C:\\Temp\\Testfile.txt")); ps4.AddPermission( new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.Write | FileIOPermissionAccess.Append, "C:\\Temp\\Testfile.txt")); //<Snippet13> // Display the union of two permission sets. PermissionSet ps5 = ps3.Union(ps4); Console.WriteLine("The union of permission set 3 and permission set 4 = " + ps5.ToString()); //</Snippet13> //<Snippet15> // Remove FileIOPermission from the permission set. ps5.RemovePermission(typeof(FileIOPermission)); Console.WriteLine("The last permission set after removing FileIOPermission = " + ps5.ToString()); //</Snippet15> //<Snippet16> // Change the permission set using SetPermission. ps5.SetPermission(new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME")); Console.WriteLine("Permission set after SetPermission = " + ps5.ToString()); //</Snippet16> //<Snippet17> // Display result of ToXml and FromXml operations. PermissionSet ps6 = new PermissionSet(PermissionState.None); ps6.FromXml(ps5.ToXml()); Console.WriteLine("Result of ToFromXml = " + ps6.ToString() + "\n"); //</Snippet17> //<Snippet18> // Display results of PermissionSet.GetEnumerator. IEnumerator psEnumerator = ps1.GetEnumerator(); while (psEnumerator.MoveNext()) { Console.WriteLine(psEnumerator.Current); } //</Snippet18> //<Snippet19> // Check for an unrestricted permission set. PermissionSet ps7 = new PermissionSet(PermissionState.Unrestricted); Console.WriteLine("Permission set is unrestricted = " + ps7.IsUnrestricted()); //</Snippet19> //<Snippet20> // Create and display a copy of a permission set. ps7 = ps5.Copy(); Console.WriteLine("Result of copy = " + ps7.ToString()); //</Snippet20> } catch (Exception e) { Console.WriteLine(e.Message.ToString()); } }
private static void AddLegacyPermissionSet(AssemblyBuilder ab, PermissionSet permissionSet, System.Security.Permissions.SecurityAction action) { if (permissionSet != null) { ab.__AddDeclarativeSecurity(CustomAttributeBuilder.__FromBlob(CustomAttributeBuilder.LegacyPermissionSet, (int)action, Encoding.Unicode.GetBytes(permissionSet.ToXml().ToString()))); } }