public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } // Get the activation context from the application evidence. // This HostSecurityManager does not examine the activator evidence // nor is it concerned with the TrustManagerContext; // it simply grants the requested grant in the application manifest. IEnumerator enumerator = applicationEvidence.GetHostEnumerator(); ActivationArguments activationArgs = null; while (enumerator.MoveNext()) { activationArgs = enumerator.Current as ActivationArguments; if (activationArgs != null) { break; } } if (activationArgs == null) { return(null); } ActivationContext activationContext = activationArgs.ActivationContext; if (activationContext == null) { return(null); } //<Snippet4> ApplicationTrust trust = new ApplicationTrust(activationContext.Identity); ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext); trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing); trust.IsApplicationTrustedToRun = true; //</Snippet4> return(trust); }
public static void TrustManagerContextCallMethods() { TrustManagerContext tmc = new TrustManagerContext(); tmc = new TrustManagerContext(new TrustManagerUIContext()); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { return(default(ApplicationTrust)); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } ActivationArguments aa = null; foreach (object o in applicationEvidence) { aa = (o as ActivationArguments); if (aa != null) { break; } } if (aa == null) { string msg = Locale.GetText("No {0} found in {1}."); throw new ArgumentException(string.Format(msg, "ActivationArguments", "Evidence"), "applicationEvidence"); } if (aa.ActivationContext == null) { string msg = Locale.GetText("No {0} found in {1}."); throw new ArgumentException(string.Format(msg, "ActivationContext", "ActivationArguments"), "applicationEvidence"); } // FIXME: this part is still untested (requires manifest support) if (ApplicationSecurityManager.DetermineApplicationTrust(aa.ActivationContext, context)) { if (aa.ApplicationIdentity == null) { return(new ApplicationTrust()); } else { return(new ApplicationTrust(aa.ApplicationIdentity)); } } return(null); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } Contract.EndContractBlock(); // This method looks for a trust decision for the ActivationContext in three locations, in order // of preference: // // 1. Supplied by the host in the AppDomainSetup. If the host supplied a decision this way, it // will be in the applicationEvidence. // 2. Reuse the ApplicationTrust from the current AppDomain // 3. Ask the TrustManager for a trust decision // get the activation context from the application evidence. // The default HostSecurityManager does not examine the activatorEvidence // but other security managers could use it to figure out the // evidence of the domain attempting to activate the application. ActivationArguments activationArgs = applicationEvidence.GetHostEvidence <ActivationArguments>(); if (activationArgs == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ActivationContext actCtx = activationArgs.ActivationContext; if (actCtx == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } // Make sure that any ApplicationTrust we find applies to the ActivationContext we're // creating the new AppDomain for. ApplicationTrust appTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>(); if (appTrust != null && !CmsUtils.CompareIdentities(appTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = null; } // If there was not a trust decision supplied in the Evidence, we can reuse the existing trust // decision from this domain if its identity matches the ActivationContext of the new domain. // Otherwise consult the TrustManager for a trust decision if (appTrust == null) { if (AppDomain.CurrentDomain.ApplicationTrust != null && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, activationArgs.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { appTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { appTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(actCtx, context); } } // If the trust decision allows the application to run, then it should also have a permission set // which is at least the permission set the application requested. ApplicationSecurityInfo appRequest = new ApplicationSecurityInfo(actCtx); if (appTrust != null && appTrust.IsApplicationTrustedToRun && !appRequest.DefaultRequestSet.IsSubsetOf(appTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return(appTrust); }
/// <summary>Determines whether an application should be executed.</summary> /// <returns>An <see cref="T:System.Security.Policy.ApplicationTrust" /> object that contains trust information about the application.</returns> /// <param name="applicationEvidence">The <see cref="T:System.Security.Policy.Evidence" /> for the application to be activated.</param> /// <param name="activatorEvidence">Optionally, the <see cref="T:System.Security.Policy.Evidence" /> for the activating application domain. </param> /// <param name="context">A <see cref="T:System.Security.Policy.TrustManagerContext" /> that specifies the trust context. </param> /// <exception cref="T:System.ArgumentNullException"> /// <paramref name="applicationEvidence" /> is null.</exception> /// <exception cref="T:System.ArgumentException">An <see cref="T:System.Runtime.Hosting.ActivationArguments" /> object could not be found in the application evidence.-or-The <see cref="P:System.Runtime.Hosting.ActivationArguments.ActivationContext" /> property in the activation arguments is null.</exception> /// <exception cref="T:System.InvalidOperationException">The <see cref="T:System.Security.Policy.ApplicationTrust" /> grant set does not contain the minimum request set specified by the <see cref="T:System.ActivationContext" />.</exception> public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } ActivationArguments activationArguments = null; foreach (object obj in applicationEvidence) { activationArguments = (obj as ActivationArguments); if (activationArguments != null) { break; } } if (activationArguments == null) { string text = Locale.GetText("No {0} found in {1}."); throw new ArgumentException(string.Format(text, "ActivationArguments", "Evidence"), "applicationEvidence"); } if (activationArguments.ActivationContext == null) { string text2 = Locale.GetText("No {0} found in {1}."); throw new ArgumentException(string.Format(text2, "ActivationContext", "ActivationArguments"), "applicationEvidence"); } if (!ApplicationSecurityManager.DetermineApplicationTrust(activationArguments.ActivationContext, context)) { return(null); } if (activationArguments.ApplicationIdentity == null) { return(new ApplicationTrust()); } return(new ApplicationTrust(activationArguments.ApplicationIdentity)); }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { throw new NotImplementedException(); }
// Methods public static bool DetermineApplicationTrust(System.ActivationContext activationContext, TrustManagerContext context) { }
public virtual ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) { throw new ArgumentNullException("applicationEvidence"); } ActivationArguments hostEvidence = applicationEvidence.GetHostEvidence <ActivationArguments>(); if (hostEvidence == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ActivationContext activationContext = hostEvidence.ActivationContext; if (activationContext == null) { throw new ArgumentException(Environment.GetResourceString("Policy_MissingActivationContextInAppEvidence")); } ApplicationTrust applicationTrust = applicationEvidence.GetHostEvidence <ApplicationTrust>(); if ((applicationTrust != null) && !CmsUtils.CompareIdentities(applicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = null; } if (applicationTrust == null) { if ((AppDomain.CurrentDomain.ApplicationTrust != null) && CmsUtils.CompareIdentities(AppDomain.CurrentDomain.ApplicationTrust.ApplicationIdentity, hostEvidence.ApplicationIdentity, ApplicationVersionMatch.MatchExactVersion)) { applicationTrust = AppDomain.CurrentDomain.ApplicationTrust; } else { applicationTrust = ApplicationSecurityManager.DetermineApplicationTrustInternal(activationContext, context); } } ApplicationSecurityInfo info = new ApplicationSecurityInfo(activationContext); if (((applicationTrust != null) && applicationTrust.IsApplicationTrustedToRun) && !info.DefaultRequestSet.IsSubsetOf(applicationTrust.DefaultGrantSet.PermissionSet)) { throw new InvalidOperationException(Environment.GetResourceString("Policy_AppTrustMustGrantAppRequest")); } return(applicationTrust); }
public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordHosting | EventTrace.Keyword.KeywordPerf, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustStart); ApplicationTrust trust; Uri activationUri = GetUriFromActivationData(0); bool isDebug = PresentationAppDomainManager.IsDebug ? true : GetBoolFromActivationData(1); BrowserInteropHelper.SetBrowserHosted(true); if (isDebug) { context.IgnorePersistedDecision = true; context.Persist = false; context.KeepAlive = false; context.NoPrompt = true; trust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context); } else { // Elevation prompt for permissions beyond the default for the security zone is allowed only // in the Intranet and Trusted Sites zones (v4). Zone hostEvidence = applicationEvidence.GetHostEvidence <Zone>(); context.NoPrompt = !(hostEvidence.SecurityZone == SecurityZone.Intranet || hostEvidence.SecurityZone == SecurityZone.Trusted); /* * Now we need to convince the ClickOnce elevation prompt to use the browser's top-level window as * the owner in order to block the browser's UI (and our Cancel button) and ensure the prompt * stays on top. This is not easy. * The prompt dialog is created without an explicit owner, on its own thread. * There are layers of ClickOnce and pure security code before the UI is invoked (that's * TrustManagerPromptUIThread in System.Windows.Forms.dll). So, passing the owner window handle * would require some awkward plumbing. * * Since the dialog is shown on a separate thread, intercepting its creation or display is * complicated. An EVENT_OBJECT_CREATE hook can do it. But there is a cascade of thread * synchonization/access and window state issues if trying to set the owner on the fly. * * The cleanest solution ended up resorting to Detours. When not given an owner window, * SWF.Form.ShowDialog() uses the active window as owner. Since the call to GetActiveWindow() * occurs on a new thread, where there are no other windows, we couldn't just pre-set the owner * as the active window. So, we intercept the GetActiveWindow() call and return the browser's * top-level window. From that point on, everything in the Microsoft dialog works as if the owner * was explicitly given. (And owner from a different thread or process is fully supported.) * * This condition is an optimization. * DetermineApplicationTrust() is called up to 3 times: twice in the default AppDomain and once * in the new one. Empirically, the elevation prompt is shown during the first call. */ bool forceOwner = !context.NoPrompt && ElevationPromptOwnerWindow != IntPtr.Zero; if (forceOwner) { // The native code passes the DocObject top window, not the browser's top-level window, // but we need exactly the top-level one. IntPtr ownerWindow = UnsafeNativeMethods.GetAncestor( new HandleRef(null, ElevationPromptOwnerWindow), NativeMethods.GA_ROOT); SetFakeActiveWindow(ownerWindow); ElevationPromptOwnerWindow = IntPtr.Zero; // to prevent further prompting } try { trust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context); } finally { if (forceOwner) { SetFakeActiveWindow(new IntPtr()); } } } // Modify the permission grant set if necessary. if (trust != null) { PermissionSet permissions = trust.DefaultGrantSet.PermissionSet; if (isDebug) { Uri debugSecurityZoneURL = GetUriFromActivationData(2); if (debugSecurityZoneURL != null) { permissions = AddPermissionForUri(permissions, debugSecurityZoneURL); } } // CLR v4 breaking change: In some activation scenarios we get a ReadOnlyPermissionSet. // This is a problem because: // - Code may expect AppDomain.PermissionSet (or the old AppDomain.ApplicationTrust. // DefaultGrantSet.PermissionSet) to return a mutable PermissionSet. // - The ReadOnlyPermissionSet may have v2 and v3 assembly references--they are not 'unified' // to the current framework version. This might confuse code doing more involved permission // set comparisons or calculations. // See bug Dev10.697110 for the longer story. Workaround is to copy the ROPS to a regular one. if (permissions is ReadOnlyPermissionSet) { permissions = new PermissionSet(permissions); } trust.DefaultGrantSet.PermissionSet = permissions; } EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordHosting | EventTrace.Keyword.KeywordPerf, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustEnd); return(trust); }
public static System.Security.Policy.ApplicationTrust RequestTrust(SubscriptionState subState, bool isShellVisible, bool isUpdate, ActivationContext actCtx, TrustManagerContext tmc) { Logger.AddMethodCall("ApplicationTrust.RequestTrust(isShellVisible=" + isShellVisible.ToString() + ", isUpdate=" + isUpdate.ToString() + ", subState.IsInstalled=" + subState.IsInstalled.ToString() + ") called."); if (!subState.IsInstalled || subState.IsShellVisible != isShellVisible) { tmc.IgnorePersistedDecision = true; } if (isUpdate) { tmc.PreviousApplicationIdentity = subState.CurrentBind.ToApplicationIdentity(); } bool applicationTrust1; try { Logger.AddInternalState("Calling ApplicationSecurityManager.DetermineApplicationTrust()."); Logger.AddInternalState("Trust Manager Context=" + Logger.Serialize(tmc)); applicationTrust1 = ApplicationSecurityManager.DetermineApplicationTrust(actCtx, tmc); } catch (TypeLoadException ex) { throw new InvalidDeploymentException(Resources.GetString("Ex_InvalidTrustInfo"), (Exception)ex); } if (!applicationTrust1) { throw new TrustNotGrantedException(Resources.GetString("Ex_NoTrust")); } Logger.AddInternalState("Trust granted."); System.Security.Policy.ApplicationTrust applicationTrust2 = (System.Security.Policy.ApplicationTrust)null; for (int index = 0; index < 5; ++index) { applicationTrust2 = ApplicationSecurityManager.UserApplicationTrusts[actCtx.Identity.FullName]; if (applicationTrust2 == null) { Thread.Sleep(10); } else { break; } } if (applicationTrust2 == null) { throw new InvalidDeploymentException(Resources.GetString("Ex_InvalidMatchTrust")); } return(applicationTrust2); }
public ApplicationTrust DetermineApplicationTrust(ActivationContext appContext, TrustManagerContext context) { ApplicationTrust trust = new ApplicationTrust(appContext.Identity); trust.IsApplicationTrustedToRun = false; ApplicationSecurityInfo asi = new ApplicationSecurityInfo(appContext); trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing); if (context.UIContext == TrustManagerUIContext.Run) { string message = "Do you want to run " + asi.ApplicationId.Name + " ?"; string caption = "MyTrustManager"; MessageBoxButtons buttons = MessageBoxButtons.YesNo; DialogResult result; // Displays the MessageBox. result = MessageBox.Show(message, caption, buttons); if (result == DialogResult.Yes) { trust.IsApplicationTrustedToRun = true; if (context != null) { trust.Persist = context.Persist; } else { trust.Persist = false; } } } return(trust); }
public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustStart); Uri uriFromActivationData = this.GetUriFromActivationData(0); bool flag = PresentationAppDomainManager.IsDebug || this.GetBoolFromActivationData(1); BrowserInteropHelper.SetBrowserHosted(true); ApplicationTrust applicationTrust; if (flag) { context.IgnorePersistedDecision = true; context.Persist = false; context.KeepAlive = false; context.NoPrompt = true; applicationTrust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context); } else { Zone hostEvidence = applicationEvidence.GetHostEvidence <Zone>(); context.NoPrompt = (hostEvidence.SecurityZone != SecurityZone.Intranet && hostEvidence.SecurityZone != SecurityZone.Trusted); bool flag2 = !context.NoPrompt && PresentationHostSecurityManager.ElevationPromptOwnerWindow != IntPtr.Zero; if (flag2) { IntPtr ancestor = UnsafeNativeMethods.GetAncestor(new HandleRef(null, PresentationHostSecurityManager.ElevationPromptOwnerWindow), 2); PresentationHostSecurityManager.SetFakeActiveWindow(ancestor); PresentationHostSecurityManager.ElevationPromptOwnerWindow = IntPtr.Zero; } try { applicationTrust = base.DetermineApplicationTrust(applicationEvidence, activatorEvidence, context); } finally { if (flag2) { PresentationHostSecurityManager.SetFakeActiveWindow((IntPtr)0); } } } if (applicationTrust != null) { PermissionSet permissionSet = applicationTrust.DefaultGrantSet.PermissionSet; if (flag) { Uri uriFromActivationData2 = this.GetUriFromActivationData(2); if (uriFromActivationData2 != null) { permissionSet = PresentationHostSecurityManager.AddPermissionForUri(permissionSet, uriFromActivationData2); } } if (permissionSet is ReadOnlyPermissionSet) { permissionSet = new PermissionSet(permissionSet); } applicationTrust.DefaultGrantSet.PermissionSet = permissionSet; } EventTrace.EasyTraceEvent(EventTrace.Keyword.KeywordPerf | EventTrace.Keyword.KeywordHosting, EventTrace.Level.Verbose, EventTrace.Event.WpfHost_DetermineApplicationTrustEnd); return(applicationTrust); }
// Methods public static bool DetermineApplicationTrust(System.ActivationContext activationContext, TrustManagerContext context) {}