internal static bool CheckSetHelper(PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandleInternal rmh, object assemblyOrString, SecurityAction action, bool throwException)
        {
            IPermission firstPermThatFailed = null;

            if (grants != null)
            {
                grants.CheckDecoded(demands);
            }
            if (refused != null)
            {
                refused.CheckDecoded(demands);
            }
            bool flag = SecurityManager._SetThreadSecurity(false);

            try
            {
                if (!demands.CheckDemand(grants, out firstPermThatFailed))
                {
                    if (!throwException)
                    {
                        return(false);
                    }
                    ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
                }
                if (!demands.CheckDeny(refused, out firstPermThatFailed))
                {
                    if (throwException)
                    {
                        ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
                    }
                    else
                    {
                        return(false);
                    }
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                if (throwException)
                {
                    ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
                }
                else
                {
                    return(false);
                }
            }
            finally
            {
                if (flag)
                {
                    SecurityManager._SetThreadSecurity(true);
                }
            }
            return(true);
        }
Example #2
0
 private static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
 {
     newDemandSet = (PermissionSet)null;
     if (assertPset != null)
     {
         assertPset.CheckDecoded(demandSet);
         if (demandSet.CheckAssertion(assertPset))
         {
             return(false);
         }
         PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
     }
     return(true);
 }
 private static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
 {
     newDemandSet = null;
     if (assertPset != null)
     {
         assertPset.CheckDecoded(demandSet);
         if (demandSet.CheckAssertion(assertPset))
         {
             return false;
         }
         PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
     }
     return true;
 }
Example #4
0
        static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
        {
            newDemandSet = null;
            if (assertPset != null)
            {
                assertPset.CheckDecoded(demandSet);
                // If this frame asserts a superset of the demand set we're done

                if (demandSet.CheckAssertion(assertPset))
                {
                    return(SecurityRuntime.StackHalt);
                }
                PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
            }
            return(SecurityRuntime.StackContinue);
        }
 private static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
 {
     if (pSet != null)
     {
         pSet.CheckDecoded(demand, permToken);
         CodeAccessPermission asserted = (CodeAccessPermission)pSet.GetPermission(demand);
         try
         {
             if (pSet.IsUnrestricted() || demand.CheckAssert(asserted))
             {
                 return(false);
             }
         }
         catch (ArgumentException)
         {
         }
     }
     return(true);
 }
 private static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
 {
     if (pSet != null)
     {
         pSet.CheckDecoded(demand, permToken);
         CodeAccessPermission asserted = (CodeAccessPermission) pSet.GetPermission(demand);
         try
         {
             if (pSet.IsUnrestricted() || demand.CheckAssert(asserted))
             {
                 return false;
             }
         }
         catch (ArgumentException)
         {
         }
     }
     return true;
 }
Example #7
0
        static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
        {
            if (pSet != null)
            {
                pSet.CheckDecoded(demand, permToken);

                CodeAccessPermission perm = (CodeAccessPermission)pSet.GetPermission(demand);

                // If the assert set does contain the demanded permission, halt the stackwalk

                try
                {
                    if (pSet.IsUnrestricted() || demand.CheckAssert(perm))
                    {
                        return(SecurityRuntime.StackHalt);
                    }
                }
                catch (ArgumentException)
                {
                }
            }
            return(SecurityRuntime.StackContinue);
        }
        [System.Security.SecurityCritical]  // auto-generated
#pragma warning disable 618
        internal static bool CheckHelper(PermissionSet grantedSet,
#pragma warning restore 618
                                        PermissionSet refusedSet,
                                        CodeAccessPermission demand, 
                                        PermissionToken permToken,
                                        RuntimeMethodHandleInternal rmh,
                                        Object assemblyOrString,
                                        SecurityAction action,
                                        bool throwException)
        {
            // We should never get here with a null demand
            Contract.Assert(demand != null, "Should not reach here with a null demand");
            
#if _DEBUG && FEATURE_CAS_POLICY
            if (debug)
            {
                DEBUG_OUT("Granted: ");
                DEBUG_OUT(grantedSet.ToXml().ToString());
                DEBUG_OUT("Refused: ");
                DEBUG_OUT(refusedSet != null ? refusedSet.ToXml().ToString() : "<null>");
                DEBUG_OUT("Demanded: ");
                DEBUG_OUT(demand.ToString());
            }
#endif // _DEBUG && FEATURE_CAS_POLICY

            if (permToken == null)
                permToken = PermissionToken.GetToken(demand);

            if (grantedSet != null)
                grantedSet.CheckDecoded(permToken.m_index);
            if (refusedSet != null)
                refusedSet.CheckDecoded(permToken.m_index);

            // If PermissionSet is null, then module does not have Permissions... Fail check.

            bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);

            try
            {
                if (grantedSet == null)
                {
                    if (throwException)
                        ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                    else
                        return false;
                }
                
                else if (!grantedSet.IsUnrestricted())
                {
                    // If we aren't unrestricted, there is a refused set, or our permission is not of the unrestricted
                    // variety, we need to do the proper callback.

                    Contract.Assert(demand != null,"demand != null");

                    // Find the permission of matching type in the permission set.

                    CodeAccessPermission grantedPerm = 
                                (CodeAccessPermission)grantedSet.GetPermission(permToken);

                    // Make sure the demand has been granted
                    if (!demand.CheckDemand( grantedPerm ))
                    {
                        if (throwException)
                            ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                        else
                            return false;
                    }
                }

                // Make the sure the permission is not refused.

                if (refusedSet != null)
                {
                    CodeAccessPermission refusedPerm = 
                        (CodeAccessPermission)refusedSet.GetPermission(permToken);
                    if (refusedPerm != null)
                    {
                        if (!refusedPerm.CheckDeny(demand))
                        {
        #if _DEBUG
                            if (debug)
                                DEBUG_OUT( "Permission found in refused set" );
        #endif
                                if (throwException)
                                    ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                                else
                                    return false;

                        }
                    }

                    if (refusedSet.IsUnrestricted())
                    {
                        if (throwException)
                            ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                        else
                            return false;
                    }
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                // Any exception besides a security exception in this code means that
                // a permission was unable to properly handle what we asked of it.
                // We will define this to mean that the demand failed.
                if (throwException)
                    ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                else
                    return false;
            }
            finally
            {
                if (bThreadSecurity)
                    SecurityManager._SetThreadSecurity(true);
            }

            DEBUG_OUT( "Check passed" );
            return true;
        }
        [System.Security.SecurityCritical]  // auto-generated
#pragma warning disable 618
        internal static bool CheckSetHelper(PermissionSet grants,
#pragma warning restore 618
                                           PermissionSet refused,
                                           PermissionSet demands,
                                           RuntimeMethodHandleInternal rmh,
                                           Object assemblyOrString,
                                           SecurityAction action,
                                           bool throwException)
        {

            Contract.Assert(demands != null, "Should not reach here with a null demand set");
#if _DEBUG && FEATURE_CAS_POLICY
            if (debug)
            {
                DEBUG_OUT("Granted: ");
                DEBUG_OUT(grants.ToXml().ToString());
                DEBUG_OUT("Refused: ");
                DEBUG_OUT(refused != null ? refused.ToXml().ToString() : "<null>");
                DEBUG_OUT("Demanded: ");
                DEBUG_OUT(demands!=null ? demands.ToXml().ToString() : "<null>");
            }
#endif // _DEBUG && FEATURE_CAS_POLICY

            IPermission permThatFailed = null;
            if (grants != null)
                grants.CheckDecoded(demands);
            if (refused != null)
                refused.CheckDecoded(demands);

            bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);

            try
            {

                // Check grant set
                if (!demands.CheckDemand(grants, out permThatFailed))
                {
                    if (throwException)
                        ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                    else
                        return false;
                }

                // Check refused set
                if (!demands.CheckDeny(refused, out permThatFailed))
                {
                    if (throwException)
                        ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                    else
                        return false;
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                // Any exception besides a security exception in this code means that
                // a permission was unable to properly handle what we asked of it.
                // We will define this to mean that the demand failed.
                if (throwException)
                    ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                else
                    return false;
            }
            finally
            {
                if (bThreadSecurity)
                    SecurityManager._SetThreadSecurity(true);
            }
            return true;
        }
        [System.Security.SecurityCritical]  // auto-generated
        static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
        {
            newDemandSet = null;
            if (assertPset!= null)
            {
                assertPset.CheckDecoded(demandSet);
                // If this frame asserts a superset of the demand set we're done

                if (demandSet.CheckAssertion(assertPset))
                    return SecurityRuntime.StackHalt;
                PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
            }
            return SecurityRuntime.StackContinue;
        }
        [System.Security.SecurityCritical]  // auto-generated
        static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
        {
            if (pSet != null)
            {
                pSet.CheckDecoded(demand, permToken);

                CodeAccessPermission perm = (CodeAccessPermission)pSet.GetPermission(demand);
            
                // If the assert set does contain the demanded permission, halt the stackwalk

                try
                {
                    if (pSet.IsUnrestricted() || demand.CheckAssert(perm))
                    {
                        return SecurityRuntime.StackHalt;
                    }
                }
                catch (ArgumentException)
                {
                }
            }
            return SecurityRuntime.StackContinue;
        }
Example #12
0
        internal static bool CheckHelper(PermissionSet grantedSet, PermissionSet refusedSet, CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandleInternal rmh, object assemblyOrString, SecurityAction action, bool throwException)
        {
            if (permToken == null)
            {
                permToken = PermissionToken.GetToken(demand);
            }
            if (grantedSet != null)
            {
                grantedSet.CheckDecoded(permToken.m_index);
            }
            if (refusedSet != null)
            {
                refusedSet.CheckDecoded(permToken.m_index);
            }
            bool flag = SecurityManager._SetThreadSecurity(false);

            try
            {
                if (grantedSet == null)
                {
                    if (!throwException)
                    {
                        return(false);
                    }
                    CodeAccessSecurityEngine.ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                }
                else if (!grantedSet.IsUnrestricted())
                {
                    CodeAccessPermission grant = (CodeAccessPermission)grantedSet.GetPermission(permToken);
                    if (!demand.CheckDemand(grant))
                    {
                        if (!throwException)
                        {
                            return(false);
                        }
                        CodeAccessSecurityEngine.ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                    }
                }
                if (refusedSet != null)
                {
                    CodeAccessPermission codeAccessPermission = (CodeAccessPermission)refusedSet.GetPermission(permToken);
                    if (codeAccessPermission != null && !codeAccessPermission.CheckDeny(demand))
                    {
                        if (!throwException)
                        {
                            return(false);
                        }
                        CodeAccessSecurityEngine.ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                    }
                    if (refusedSet.IsUnrestricted())
                    {
                        if (!throwException)
                        {
                            return(false);
                        }
                        CodeAccessSecurityEngine.ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                    }
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                if (!throwException)
                {
                    return(false);
                }
                CodeAccessSecurityEngine.ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
            }
            finally
            {
                if (flag)
                {
                    SecurityManager._SetThreadSecurity(true);
                }
            }
            return(true);
        }
        [System.Security.SecurityCritical]  // auto-generated
#pragma warning disable 618
        internal static bool CheckHelper(PermissionSet grantedSet,
#pragma warning restore 618
                                         PermissionSet refusedSet,
                                         CodeAccessPermission demand,
                                         PermissionToken permToken,
                                         RuntimeMethodHandleInternal rmh,
                                         Object assemblyOrString,
                                         SecurityAction action,
                                         bool throwException)
        {
            // We should never get here with a null demand
            Contract.Assert(demand != null, "Should not reach here with a null demand");

#if _DEBUG && FEATURE_CAS_POLICY
            if (debug)
            {
                DEBUG_OUT("Granted: ");
                DEBUG_OUT(grantedSet.ToXml().ToString());
                DEBUG_OUT("Refused: ");
                DEBUG_OUT(refusedSet != null ? refusedSet.ToXml().ToString() : "<null>");
                DEBUG_OUT("Demanded: ");
                DEBUG_OUT(demand.ToString());
            }
#endif // _DEBUG && FEATURE_CAS_POLICY

            if (permToken == null)
            {
                permToken = PermissionToken.GetToken(demand);
            }

            if (grantedSet != null)
            {
                grantedSet.CheckDecoded(permToken.m_index);
            }
            if (refusedSet != null)
            {
                refusedSet.CheckDecoded(permToken.m_index);
            }

            // If PermissionSet is null, then module does not have Permissions... Fail check.

            bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);

            try
            {
                if (grantedSet == null)
                {
                    if (throwException)
                    {
                        ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                    }
                    else
                    {
                        return(false);
                    }
                }

                else if (!grantedSet.IsUnrestricted())
                {
                    // If we aren't unrestricted, there is a refused set, or our permission is not of the unrestricted
                    // variety, we need to do the proper callback.

                    Contract.Assert(demand != null, "demand != null");

                    // Find the permission of matching type in the permission set.

                    CodeAccessPermission grantedPerm =
                        (CodeAccessPermission)grantedSet.GetPermission(permToken);

                    // Make sure the demand has been granted
                    if (!demand.CheckDemand(grantedPerm))
                    {
                        if (throwException)
                        {
                            ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                        }
                        else
                        {
                            return(false);
                        }
                    }
                }

                // Make the sure the permission is not refused.

                if (refusedSet != null)
                {
                    CodeAccessPermission refusedPerm =
                        (CodeAccessPermission)refusedSet.GetPermission(permToken);
                    if (refusedPerm != null)
                    {
                        if (!refusedPerm.CheckDeny(demand))
                        {
        #if _DEBUG
                            if (debug)
                            {
                                DEBUG_OUT("Permission found in refused set");
                            }
        #endif
                            if (throwException)
                            {
                                ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                            }
                            else
                            {
                                return(false);
                            }
                        }
                    }

                    if (refusedSet.IsUnrestricted())
                    {
                        if (throwException)
                        {
                            ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                        }
                        else
                        {
                            return(false);
                        }
                    }
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                // Any exception besides a security exception in this code means that
                // a permission was unable to properly handle what we asked of it.
                // We will define this to mean that the demand failed.
                if (throwException)
                {
                    ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                }
                else
                {
                    return(false);
                }
            }
            finally
            {
                if (bThreadSecurity)
                {
                    SecurityManager._SetThreadSecurity(true);
                }
            }

            DEBUG_OUT("Check passed");
            return(true);
        }
        [System.Security.SecurityCritical]  // auto-generated
#pragma warning disable 618
        internal static bool CheckSetHelper(PermissionSet grants,
#pragma warning restore 618
                                            PermissionSet refused,
                                            PermissionSet demands,
                                            RuntimeMethodHandleInternal rmh,
                                            Object assemblyOrString,
                                            SecurityAction action,
                                            bool throwException)
        {
            Contract.Assert(demands != null, "Should not reach here with a null demand set");
#if _DEBUG && FEATURE_CAS_POLICY
            if (debug)
            {
                DEBUG_OUT("Granted: ");
                DEBUG_OUT(grants.ToXml().ToString());
                DEBUG_OUT("Refused: ");
                DEBUG_OUT(refused != null ? refused.ToXml().ToString() : "<null>");
                DEBUG_OUT("Demanded: ");
                DEBUG_OUT(demands != null ? demands.ToXml().ToString() : "<null>");
            }
#endif // _DEBUG && FEATURE_CAS_POLICY

            IPermission permThatFailed = null;
            if (grants != null)
            {
                grants.CheckDecoded(demands);
            }
            if (refused != null)
            {
                refused.CheckDecoded(demands);
            }

            bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);

            try
            {
                // Check grant set
                if (!demands.CheckDemand(grants, out permThatFailed))
                {
                    if (throwException)
                    {
                        ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                    }
                    else
                    {
                        return(false);
                    }
                }

                // Check refused set
                if (!demands.CheckDeny(refused, out permThatFailed))
                {
                    if (throwException)
                    {
                        ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                    }
                    else
                    {
                        return(false);
                    }
                }
            }
            catch (SecurityException)
            {
                throw;
            }
            catch (Exception)
            {
                // Any exception besides a security exception in this code means that
                // a permission was unable to properly handle what we asked of it.
                // We will define this to mean that the demand failed.
                if (throwException)
                {
                    ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
                }
                else
                {
                    return(false);
                }
            }
            finally
            {
                if (bThreadSecurity)
                {
                    SecurityManager._SetThreadSecurity(true);
                }
            }
            return(true);
        }
 internal static bool CheckHelper(PermissionSet grantedSet, PermissionSet refusedSet, CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandleInternal rmh, object assemblyOrString, SecurityAction action, bool throwException)
 {
     if (permToken == null)
     {
         permToken = PermissionToken.GetToken(demand);
     }
     if (grantedSet != null)
     {
         grantedSet.CheckDecoded(permToken.m_index);
     }
     if (refusedSet != null)
     {
         refusedSet.CheckDecoded(permToken.m_index);
     }
     bool flag = SecurityManager._SetThreadSecurity(false);
     try
     {
         if (grantedSet == null)
         {
             if (!throwException)
             {
                 return false;
             }
             ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
         }
         else if (!grantedSet.IsUnrestricted())
         {
             CodeAccessPermission grant = (CodeAccessPermission) grantedSet.GetPermission(permToken);
             if (!demand.CheckDemand(grant))
             {
                 if (throwException)
                 {
                     ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                 }
                 else
                 {
                     return false;
                 }
             }
         }
         if (refusedSet != null)
         {
             CodeAccessPermission permission = (CodeAccessPermission) refusedSet.GetPermission(permToken);
             if ((permission != null) && !permission.CheckDeny(demand))
             {
                 if (!throwException)
                 {
                     return false;
                 }
                 ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
             }
             if (refusedSet.IsUnrestricted())
             {
                 if (throwException)
                 {
                     ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
                 }
                 else
                 {
                     return false;
                 }
             }
         }
     }
     catch (SecurityException)
     {
         throw;
     }
     catch (Exception)
     {
         if (throwException)
         {
             ThrowSecurityException(assemblyOrString, grantedSet, refusedSet, rmh, action, demand, demand);
         }
         else
         {
             return false;
         }
     }
     finally
     {
         if (flag)
         {
             SecurityManager._SetThreadSecurity(true);
         }
     }
     return true;
 }
 internal static bool CheckSetHelper(PermissionSet grants, PermissionSet refused, PermissionSet demands, RuntimeMethodHandleInternal rmh, object assemblyOrString, SecurityAction action, bool throwException)
 {
     IPermission firstPermThatFailed = null;
     if (grants != null)
     {
         grants.CheckDecoded(demands);
     }
     if (refused != null)
     {
         refused.CheckDecoded(demands);
     }
     bool flag = SecurityManager._SetThreadSecurity(false);
     try
     {
         if (!demands.CheckDemand(grants, out firstPermThatFailed))
         {
             if (!throwException)
             {
                 return false;
             }
             ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
         }
         if (!demands.CheckDeny(refused, out firstPermThatFailed))
         {
             if (throwException)
             {
                 ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
             }
             else
             {
                 return false;
             }
         }
     }
     catch (SecurityException)
     {
         throw;
     }
     catch (Exception)
     {
         if (throwException)
         {
             ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, firstPermThatFailed);
         }
         else
         {
             return false;
         }
     }
     finally
     {
         if (flag)
         {
             SecurityManager._SetThreadSecurity(true);
         }
     }
     return true;
 }