public PermissionRequestEvidence(PermissionSet request, PermissionSet optional, PermissionSet denied)
{
if (request == null)
{
this.m_request = null;
}
else
{
this.m_request = request.Copy();
}
if (optional == null)
{
this.m_optional = null;
}
else
{
this.m_optional = optional.Copy();
}
if (denied == null)
{
this.m_denied = null;
}
else
{
this.m_denied = denied.Copy();
}
}
public virtual PermissionSet Intersect(PermissionSet other)
#endif
{
// no intersection possible
if ((other == null) || (other.IsEmpty()) || (this.IsEmpty()))
{
return(null);
}
PermissionState state = PermissionState.None;
if (this.IsUnrestricted() && other.IsUnrestricted())
{
state = PermissionState.Unrestricted;
}
PermissionSet interSet = null;
#if NET_2_0
// much simpler with 2.0
if (state == PermissionState.Unrestricted)
{
interSet = new PermissionSet(state);
}
else if (this.IsUnrestricted())
{
interSet = other.Copy();
}
else if (other.IsUnrestricted())
{
interSet = this.Copy();
}
else
{
interSet = new PermissionSet(state);
InternalIntersect(interSet, this, other, false);
}
#else
interSet = new PermissionSet(state);
if (state == PermissionState.Unrestricted)
{
InternalIntersect(interSet, this, other, true);
InternalIntersect(interSet, other, this, true);
}
else if (this.IsUnrestricted())
{
InternalIntersect(interSet, this, other, true);
}
else if (other.IsUnrestricted())
{
InternalIntersect(interSet, other, this, true);
}
else
{
InternalIntersect(interSet, this, other, false);
}
#endif
return(interSet);
}
internal static PermissionSet ComputeZonePermissionSetHelper(string targetZone, PermissionSet includedPermissionSet, ITaskItem[] dependencies, string targetFrameworkMoniker)
{
if (!string.IsNullOrEmpty(targetZone) && !string.Equals(targetZone, "Custom", StringComparison.OrdinalIgnoreCase))
{
return GetNamedPermissionSetFromZone(targetZone, dependencies, targetFrameworkMoniker);
}
return includedPermissionSet.Copy();
}
private static PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission)
{
if (executionSecurityPermission == null)
{
executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution);
}
PermissionSet other = null;
Exception exception = null;
PermissionSet set2 = optPset;
if (reqdPset == null)
{
other = set2;
}
else
{
other = (set2 == null) ? null : reqdPset.Union(set2);
}
if ((other != null) && !other.IsUnrestricted())
{
other.AddPermission(executionSecurityPermission);
}
if (evidence == null)
{
evidence = new Evidence();
}
PermissionSet target = polmgr.Resolve(evidence);
if (other != null)
{
target.InplaceIntersect(other);
}
if (checkExecutionPermission && (!target.Contains(executionSecurityPermission) || ((denyPset != null) && denyPset.Contains(executionSecurityPermission))))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, exception);
}
if ((reqdPset != null) && !reqdPset.IsSubsetOf(target))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), -2146233321, exception);
}
if (denyPset != null)
{
denied = denyPset.Copy();
target.MergeDeniedSet(denied);
if (denied.IsEmpty())
{
denied = null;
}
}
else
{
denied = null;
}
target.IgnoreTypeLoadFailures = true;
return(target);
}
internal void SetPermitOnly(PermissionSet permSet)
{
// permSet must not be null
m_restriction = permSet.Copy();
// This increment should be the last operation in this method.
// If placed earlier, permSet.Copy might trigger a security check, which will try to update the overrides count
// But m_restriction would not be updated yet, so it'll reset override count to zero, which is wrong.
IncrementOverridesCount();
}
private static PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission)
{
if (SecurityManager.executionSecurityPermission == null)
{
SecurityManager.executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution);
}
Exception exception = null;
PermissionSet permissionSet;
if (reqdPset == null)
{
permissionSet = optPset;
}
else
{
permissionSet = ((optPset == null) ? null : reqdPset.Union(optPset));
}
if (permissionSet != null && !permissionSet.IsUnrestricted())
{
permissionSet.AddPermission(SecurityManager.executionSecurityPermission);
}
if (evidence == null)
{
evidence = new Evidence();
}
PermissionSet permissionSet2 = SecurityManager.polmgr.Resolve(evidence);
if (permissionSet != null)
{
permissionSet2.InplaceIntersect(permissionSet);
}
if (checkExecutionPermission && (!permissionSet2.Contains(SecurityManager.executionSecurityPermission) || (denyPset != null && denyPset.Contains(SecurityManager.executionSecurityPermission))))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, exception);
}
if (reqdPset != null && !reqdPset.IsSubsetOf(permissionSet2))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), -2146233321, exception);
}
if (denyPset != null)
{
denied = denyPset.Copy();
permissionSet2.MergeDeniedSet(denied);
if (denied.IsEmpty())
{
denied = null;
}
}
else
{
denied = null;
}
permissionSet2.IgnoreTypeLoadFailures = true;
return(permissionSet2);
}
// Token: 0x06001D45 RID: 7493 RVA: 0x00065BE8 File Offset: 0x00063DE8
internal void UpdateRefused(PermissionSet in_r)
{
if (in_r != null)
{
if (this.RefusedSet == null)
{
this.RefusedSet = in_r.Copy();
return;
}
this.RefusedSet.InplaceUnion(in_r);
}
}
internal void UpdateGrant(PermissionSet in_g)
{
if (in_g != null)
{
if (this.GrantSet == null)
{
this.GrantSet = in_g.Copy();
return;
}
this.GrantSet.InplaceIntersect(in_g);
}
}
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple retTriple = null;
if (in_a != null)
{
Debug.Assert((!in_a.IsUnrestricted() || RefusedSet == null), "Cannot be unrestricted or refused must be null");
// if we're already asserting in_a, nothing to do
if (in_a.IsSubsetOf(AssertSet))
{
return(null);
}
PermissionSet retPs;
if (GrantSet != null)
{
retPs = in_a.Intersect(GrantSet); // Restrict the assert to what we've already been granted
}
else
{
GrantSet = new PermissionSet(true);
retPs = in_a.Copy(); // Currently unrestricted Grant: assert the whole assert set
}
bool bFailedToCompress = false;
// removes anything that is already in the refused set from the assert set
if (RefusedSet != null)
{
retPs = PermissionSet.RemoveRefusedPermissionSet(retPs, RefusedSet, out bFailedToCompress);
}
if (!bFailedToCompress)
{
bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(retPs, AssertSet);
}
if (bFailedToCompress)
{
retTriple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = retTriple.GrantSet.Copy();
}
if (AssertSet == null)
{
AssertSet = retPs;
}
else
{
AssertSet.InplaceUnion(retPs);
}
}
return(retTriple);
}
internal void UpdateGrant(PermissionSet in_g)
{
if (in_g != null)
{
if (GrantSet == null)
{
GrantSet = in_g.Copy();
}
else
{
GrantSet.InplaceIntersect(in_g);
}
}
}
internal void UpdateRefused(PermissionSet in_r)
{
if (in_r != null)
{
if (RefusedSet == null)
{
RefusedSet = in_r.Copy();
}
else
{
RefusedSet.InplaceUnion(in_r);
}
}
}
public PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes )
{
if (permSet == null)
{
m_permSet = new PermissionSet( false );
}
else
{
m_permSet = permSet.Copy();
}
if (ValidProperties( attributes ))
{
m_attributes = attributes;
}
}
public PolicyStatement(System.Security.PermissionSet permSet, PolicyStatementAttribute attributes)
{
if (permSet == null)
{
this.m_permSet = new System.Security.PermissionSet(false);
}
else
{
this.m_permSet = permSet.Copy();
}
if (ValidProperties(attributes))
{
this.m_attributes = attributes;
}
}
private static PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission)
{
if (SecurityManager.executionSecurityPermission == null)
{
SecurityManager.executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution);
}
Exception exception = (Exception)null;
PermissionSet other1 = optPset;
PermissionSet other2 = reqdPset != null ? (other1 == null ? (PermissionSet)null : reqdPset.Union(other1)) : other1;
if (other2 != null && !other2.IsUnrestricted())
{
other2.AddPermission((IPermission)SecurityManager.executionSecurityPermission);
}
if (evidence == null)
{
evidence = new Evidence();
}
PermissionSet target = SecurityManager.polmgr.Resolve(evidence);
if (other2 != null)
{
target.InplaceIntersect(other2);
}
if (checkExecutionPermission && (!target.Contains((IPermission)SecurityManager.executionSecurityPermission) || denyPset != null && denyPset.Contains((IPermission)SecurityManager.executionSecurityPermission)))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, exception);
}
if (reqdPset != null && !reqdPset.IsSubsetOf(target))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), -2146233321, exception);
}
if (denyPset != null)
{
denied = denyPset.Copy();
target.MergeDeniedSet(denied);
if (denied.IsEmpty())
{
denied = (PermissionSet)null;
}
}
else
{
denied = (PermissionSet)null;
}
target.IgnoreTypeLoadFailures = true;
return(target);
}
private PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes, bool copy )
{
if (permSet != null)
{
if (copy)
m_permSet = permSet.Copy();
else
m_permSet = permSet;
}
else
{
m_permSet = new PermissionSet( false );
}
m_attributes = attributes;
}
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple permissionSetTriple = (PermissionSetTriple)null;
if (in_a != null)
{
if (in_a.IsSubsetOf(this.AssertSet))
{
return((PermissionSetTriple)null);
}
PermissionSet permissionSet;
if (this.GrantSet != null)
{
permissionSet = in_a.Intersect(this.GrantSet);
}
else
{
this.GrantSet = new PermissionSet(true);
permissionSet = in_a.Copy();
}
bool bFailedToCompress = false;
if (this.RefusedSet != null)
{
permissionSet = PermissionSet.RemoveRefusedPermissionSet(permissionSet, this.RefusedSet, out bFailedToCompress);
}
if (!bFailedToCompress)
{
bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(permissionSet, this.AssertSet);
}
if (bFailedToCompress)
{
permissionSetTriple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = permissionSetTriple.GrantSet.Copy();
}
if (this.AssertSet == null)
{
this.AssertSet = permissionSet;
}
else
{
this.AssertSet.InplaceUnion(permissionSet);
}
}
return(permissionSetTriple);
}
internal void UpdateGrant(PermissionSet in_g, out ZoneIdentityPermission z, out UrlIdentityPermission u)
{
z = null;
u = null;
if (in_g != null)
{
if (this.GrantSet == null)
{
this.GrantSet = in_g.Copy();
}
else
{
this.GrantSet.InplaceIntersect(in_g);
}
z = (ZoneIdentityPermission)in_g.GetPermission(this.ZoneToken);
u = (UrlIdentityPermission)in_g.GetPermission(this.UrlToken);
}
}
private PolicyStatement(System.Security.PermissionSet permSet, PolicyStatementAttribute attributes, bool copy)
{
if (permSet != null)
{
if (copy)
{
this.m_permSet = permSet.Copy();
}
else
{
this.m_permSet = permSet;
}
}
else
{
this.m_permSet = new System.Security.PermissionSet(false);
}
this.m_attributes = attributes;
}
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple triple = null;
if (in_a != null)
{
PermissionSet set;
bool flag;
if (in_a.IsSubsetOf(this.AssertSet))
{
return(null);
}
if (this.GrantSet != null)
{
set = in_a.Intersect(this.GrantSet);
}
else
{
this.GrantSet = new PermissionSet(true);
set = in_a.Copy();
}
set = PermissionSet.RemoveRefusedPermissionSet(set, this.RefusedSet, out flag);
if (!flag)
{
flag = PermissionSet.IsIntersectingAssertedPermissions(set, this.AssertSet);
}
if (flag)
{
triple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = triple.GrantSet.Copy();
}
if (this.AssertSet == null)
{
this.AssertSet = set;
return(triple);
}
this.AssertSet.InplaceUnion(set);
}
return(triple);
}
// GetDeclaredPermissions
// Returns a deep copy to classes declared permissions.
public virtual PermissionSet GetDeclaredPermissions(Object obj, int action)
{
PermissionSet ps = GetDeclaredPermissionsP(obj, action);
return(ps.Copy());
}
[System.Security.SecurityCritical] // auto-generated
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple retTriple = null;
if (in_a != null)
{
Contract.Assert((!in_a.IsUnrestricted() || RefusedSet == null), "Cannot be unrestricted or refused must be null");
// if we're already asserting in_a, nothing to do
if (in_a.IsSubsetOf(AssertSet))
return null;
PermissionSet retPs;
if (GrantSet != null)
retPs = in_a.Intersect(GrantSet); // Restrict the assert to what we've already been granted
else
{
GrantSet = new PermissionSet(true);
retPs = in_a.Copy(); // Currently unrestricted Grant: assert the whole assert set
}
bool bFailedToCompress = false;
// removes anything that is already in the refused set from the assert set
if (RefusedSet != null)
{
retPs = PermissionSet.RemoveRefusedPermissionSet(retPs, RefusedSet, out bFailedToCompress);
}
if (!bFailedToCompress)
bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(retPs, AssertSet);
if (bFailedToCompress)
{
retTriple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = retTriple.GrantSet.Copy();
}
if (AssertSet == null)
AssertSet = retPs;
else
AssertSet.InplaceUnion(retPs);
}
return retTriple;
}
internal void UpdateRefused(PermissionSet in_r)
{
if (in_r != null)
{
if (RefusedSet == null)
RefusedSet = in_r.Copy();
else
RefusedSet.InplaceUnion(in_r);
}
}
internal void SetAssert(PermissionSet permSet)
{
this.m_assertions = permSet.Copy();
this.m_AssertFT = this.m_AssertFT || this.m_assertions.IsUnrestricted();
FrameSecurityDescriptor.IncrementAssertCount();
}
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_assertions.IsUnrestricted());
IncrementAssertCount();
}
[System.Security.SecurityCritical] // auto-generated
static private PermissionSet ResolvePolicy(Evidence evidence,
PermissionSet reqdPset,
PermissionSet optPset,
PermissionSet denyPset,
out PermissionSet denied,
bool checkExecutionPermission)
{
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled);
if (executionSecurityPermission == null)
{
executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution);
}
PermissionSet requested = null;
PermissionSet optional;
PermissionSet allowed;
Exception savedException = null;
// We don't want to recurse back into here as a result of a
// stackwalk during resolution. So simply assert full trust (this
// implies that custom permissions cannot use any permissions that
// don't implement IUnrestrictedPermission.
// PermissionSet.s_fullTrust.Assert();
// The requested set is the union of the minimal request and the
// optional request. Minimal request defaults to empty, optional
// is "AllPossible" (includes any permission that can be defined)
// which is symbolized by null.
optional = optPset;
if (reqdPset == null)
{
requested = optional;
}
else
{
// If optional is null, the requested set becomes null/"AllPossible".
requested = optional == null ? null : reqdPset.Union(optional);
}
// Make sure that the right to execute is requested (if this feature is
// enabled).
if (requested != null && !requested.IsUnrestricted())
{
requested.AddPermission(executionSecurityPermission);
}
// If we aren't passed any evidence, just make an empty object
if (evidence == null)
{
evidence = new Evidence();
}
allowed = polmgr.Resolve(evidence);
// Intersect the grant with the RequestOptional
if (requested != null)
{
allowed.InplaceIntersect(requested);
}
// Check that we were granted the right to execute.
if (checkExecutionPermission)
{
if (!allowed.Contains(executionSecurityPermission) ||
(denyPset != null && denyPset.Contains(executionSecurityPermission)))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"),
System.__HResults.CORSEC_E_NO_EXEC_PERM,
savedException);
}
}
// Check that we were granted at least the minimal set we asked for. Do
// this before pruning away any overlap with the refused set so that
// users have the flexability of defining minimal permissions that are
// only expressable as set differences (e.g. allow access to "C:\" but
// disallow "C:\Windows").
if (reqdPset != null && !reqdPset.IsSubsetOf(allowed))
{
BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled");
throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"),
System.__HResults.CORSEC_E_MIN_GRANT_FAIL,
savedException);
}
// Remove any granted permissions that are safe subsets of some denied
// permission. The remaining denied permissions (if any) are returned
// along with the modified grant set for use in checks.
if (denyPset != null)
{
BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled");
denied = denyPset.Copy();
allowed.MergeDeniedSet(denied);
if (denied.IsEmpty())
{
denied = null;
}
}
else
{
denied = null;
}
allowed.IgnoreTypeLoadFailures = true;
return(allowed);
}
[System.Security.SecurityCritical] // auto-generated
internal void SetDeny(PermissionSet permSet)
{
m_denials = permSet.Copy();
IncrementOverridesCount();
}
public void IsSubset_OnePermission ()
{
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.Assertion);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (sp);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Assert.IsTrue (!ps1.IsSubsetOf (null), "PS1.IsSubset(null)");
Assert.IsTrue (!ps1.IsSubsetOf (ps2), "PS1.IsSubset(None)");
Assert.IsTrue (ps2.IsSubsetOf (ps1), "None.IsSubset(PS1)");
PermissionSet ps3 = ps1.Copy ();
Assert.IsTrue (ps1.IsSubsetOf (ps3), "PS1.IsSubset(PS3)");
Assert.IsTrue (ps3.IsSubsetOf (ps1), "PS3.IsSubset(PS1)");
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
Assert.IsTrue (ps1.IsSubsetOf (ups1), "PS1.IsSubset(Unrestricted)");
Assert.IsTrue (!ups1.IsSubsetOf (ps1), "Unrestricted.IsSubset(PS1)");
}
public void Intersect_OnePermission ()
{
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.Assertion);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (sp);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Assert.IsNull (ps1.Intersect (null), "PS1 N null");
Assert.IsNull (ps1.Intersect (ps2), "PS1 N None");
Assert.IsNull (ps2.Intersect (ps1), "None N PS1");
PermissionSet ps3 = ps1.Copy ();
Compare ("PS1 N PS3", ps1.Intersect (ps3), false, 1);
Compare ("PS3 N PS1", ps3.Intersect (ps1), false, 1);
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
Compare ("PS1 N Unrestricted", ps1.Intersect (ups1), false, 1);
Compare ("Unrestricted N PS1", ups1.Intersect (ps1), false, 1);
}
public void FromXmlOne ()
{
FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (fdp);
Assert.IsTrue (!ps1.IsEmpty (), "ps1.IsEmpty");
PermissionSet ps = new PermissionSet (ps1);
SecurityElement se = ps.ToXml ();
Assert.IsNotNull (se, "One.ToXml()");
Assert.AreEqual (1, ps.Count, "One.Count");
PermissionSet ps2 = (PermissionSet) ps.Copy ();
ps2.FromXml (se);
Assert.IsTrue (!ps2.IsUnrestricted () , "FromXml-Copy.IsUnrestricted");
Assert.AreEqual (1, ps2.Count, "Copy.Count");
se.AddAttribute ("Unrestricted", "true");
ps2.FromXml (se);
Assert.IsTrue (ps2.IsUnrestricted (), "FromXml-Unrestricted.IsUnrestricted");
#if NET_2_0
Assert.AreEqual (0, ps2.Count, "Unrestricted.Count");
#else
// IPermission not shown in XML but still present in Count
Assert.AreEqual (1, ps2.Count, "Unrestricted.Count");
#endif
}
public void Copy_Unrestricted ()
{
PermissionSet ps = new PermissionSet (PermissionState.Unrestricted);
PermissionSet copy = ps.Copy ();
Assert.IsTrue (copy.IsUnrestricted (), "1.State");
Assert.AreEqual (0, copy.Count, "1.Count");
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.ControlEvidence);
IPermission result = ps.AddPermission (sp);
Assert.IsNotNull (result, "1.Add");
copy = ps.Copy ();
Assert.IsTrue (copy.IsUnrestricted (), "2.State");
Assert.AreEqual (0, copy.Count, "2.Count");
ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.MyComputer);
result = ps.AddPermission (zip);
Assert.IsNotNull (result, "2.Add");
copy = ps.Copy ();
Assert.IsTrue (copy.IsUnrestricted (), "3.State");
#if NET_2_0
// Identity permissions aren't added to unrestricted permission sets in 2.0
Assert.AreEqual (0, copy.Count, "3.Count");
#else
Assert.AreEqual (1, copy.Count, "3.Count");
#endif
}
public void Union_OneNonIUnrestrictedPermission ()
{
ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.MyComputer);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (zip);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Compare ("PS1 U null", ps1.Union (null), false, 1);
Compare ("PS1 U None", ps1.Union (ps2), false, 1);
Compare ("None U PS1", ps2.Union (ps1), false, 1);
PermissionSet ps3 = ps1.Copy ();
Compare ("PS1 U PS3", ps1.Union (ps3), false, 1);
Compare ("PS3 U PS1", ps3.Union (ps1), false, 1);
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
ups1.AddPermission (zip);
#if NET_2_0
// Identity permissions aren't added to unrestricted permission sets in 2.0
Compare ("PS1 U Unrestricted", ps1.Union (ups1), true, 0);
Compare ("Unrestricted U PS1", ups1.Union (ps1), true, 0);
PermissionSet ups2 = new PermissionSet (PermissionState.Unrestricted);
Compare ("UPS1 U UPS2", ups1.Union (ups1), true, 0);
Compare ("UPS2 U UPS1", ups2.Union (ups1), true, 0);
ups2.AddPermission (zip);
Compare ("UPS1 U UPS2+ZIP", ups1.Union (ups2), true, 0);
Compare ("UPS2+ZIP U UPS1", ups2.Union (ups1), true, 0);
#else
Compare ("PS1 U Unrestricted", ps1.Union (ups1), true, 1);
Compare ("Unrestricted U PS1", ups1.Union (ps1), true, 1);
PermissionSet ups2 = new PermissionSet (PermissionState.Unrestricted);
Compare ("UPS1 U UPS2", ups1.Union (ups1), true, 1);
Compare ("UPS2 U UPS1", ups2.Union (ups1), true, 1);
ups2.AddPermission (zip);
Compare ("UPS1 U UPS2+ZIP", ups1.Union (ups2), true, 1);
Compare ("UPS2+ZIP U UPS1", ups2.Union (ups1), true, 1);
#endif
}
static private PermissionSet ResolvePolicy(Evidence evidence,
PermissionSet reqdPset,
PermissionSet optPset,
PermissionSet denyPset,
out PermissionSet denied,
bool checkExecutionPermission)
{
PermissionSet requested;
PermissionSet optional;
PermissionSet allowed;
Exception savedException = null;
// We don't want to recurse back into here as a result of a
// stackwalk during resolution. So simply assert full trust (this
// implies that custom permissions cannot use any permissions that
// don't implement IUnrestrictedPermission.
// PermissionSet.s_fullTrust.Assert();
// The requested set is the union of the minimal request and the
// optional request. Minimal request defaults to empty, optional
// is "AllPossible" (includes any permission that can be defined)
// which is symbolized by null.
optional = optPset;
if (reqdPset == null)
{
requested = optional;
}
else
{
// If optional is null, the requested set becomes null/"AllPossible".
requested = optional == null ? null : reqdPset.Union(optional);
}
// Make sure that the right to execute is requested (if this feature is
// enabled).
if (requested != null && !requested.IsUnrestricted() && CheckExecution())
{
requested.AddPermission(executionSecurityPermission);
}
if (InitPolicy())
{
// If we aren't passed any evidence, just make an empty object
// If we are passed evidence, copy it before passing it
// to the policy manager.
// Note: this is not a deep copy, the pieces of evidence within the
// Evidence object can still be altered and affect the originals.
if (evidence == null)
{
evidence = new Evidence();
}
else
{
evidence = evidence.ShallowCopy();
}
evidence.AddHost(new PermissionRequestEvidence(reqdPset, optPset, denyPset));
// We need to make sure that no stray exceptions come out of Resolve so
// we wrap it in a try block.
try
{
allowed = polmgr.Resolve(evidence, requested);
}
catch (Exception e)
{
#if _DEBUG
if (debug)
{
DEBUG_OUT("Exception during resolve");
DEBUG_OUT(e.GetType().FullName);
DEBUG_OUT(e.Message);
DEBUG_OUT(e.StackTrace);
}
#endif
// If we get a policy exception, we are done are we are going to fail to
// load no matter what.
if (e is PolicyException)
{
throw e;
}
// If we get any other kid of exception, we set the allowed set to the
// empty set and continue processing as normal. This allows assemblies
// that make no request to be loaded but blocks any assembly that
// makes a request from being loaded. This seems like a valid design to
// me -- gregfee 6/19/2000
savedException = e;
allowed = new PermissionSet();
}
}
else
{
denied = null;
return(null);
}
#if _DEBUG
if (debug)
{
DEBUG_OUT("ResolvePolicy:");
IEnumerator enumerator = evidence.GetEnumerator();
DEBUG_OUT("Evidence:");
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
if (obj is Site)
{
DEBUG_OUT(((Site)obj).ToXml().ToString());
}
else if (obj is Zone)
{
DEBUG_OUT(((Zone)obj).ToXml().ToString());
}
else if (obj is Url)
{
DEBUG_OUT(((Url)obj).ToXml().ToString());
}
else if (obj is Publisher)
{
DEBUG_OUT(((Publisher)obj).ToXml().ToString());
}
else if (obj is StrongName)
{
DEBUG_OUT(((StrongName)obj).ToXml().ToString());
}
else if (obj is PermissionRequestEvidence)
{
DEBUG_OUT(((PermissionRequestEvidence)obj).ToXml().ToString());
}
}
DEBUG_OUT("Required permissions:");
DEBUG_OUT(reqdPset != null ? reqdPset.ToString() : "<null>");
DEBUG_OUT("Optional permissions:");
DEBUG_OUT(optPset != null ? optPset.ToString() : "<null>");
DEBUG_OUT("Denied permissions:");
DEBUG_OUT(denyPset != null ? denyPset.ToString() : "<null>");
DEBUG_OUT("Requested permissions:");
DEBUG_OUT(requested != null ? requested.ToString() : "<null>");
DEBUG_OUT("Granted permissions:");
DEBUG_OUT(allowed != null ? allowed.ToString() : "<null>");
}
#endif
// Check that we were granted the right to execute.
if (!allowed.IsUnrestricted() && checkExecutionPermission && CheckExecution())
{
SecurityPermission secPerm = (SecurityPermission)allowed.GetPermission(securityPermissionType);
if (secPerm == null || !executionSecurityPermission.IsSubsetOf(secPerm))
{
#if _DEBUG
DEBUG_OUT("No execute permission");
#endif
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"),
System.__HResults.CORSEC_E_NO_EXEC_PERM,
savedException);
}
}
// Check that we were granted at least the minimal set we asked for. Do
// this before pruning away any overlap with the refused set so that
// users have the flexability of defining minimal permissions that are
// only expressable as set differences (e.g. allow access to "C:\" but
// disallow "C:\Windows").
if (reqdPset != null && !reqdPset.IsSubsetOf(allowed))
{
#if _DEBUG
DEBUG_OUT("Didn't get required permissions");
#endif
throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"),
System.__HResults.CORSEC_E_MIN_GRANT_FAIL,
savedException);
}
// Remove any granted permissions that are safe subsets of some denied
// permission. The remaining denied permissions (if any) are returned
// along with the modified grant set for use in checks.
if (denyPset != null)
{
denied = denyPset.Copy();
allowed.MergeDeniedSet(denied);
if (denied.IsEmpty())
{
denied = null;
}
}
else
{
denied = null;
}
#if _DEBUG
if (debug)
{
DEBUG_OUT("Final denied permissions:");
DEBUG_OUT(denied != null ? denied.ToString() : "<null>");
}
#endif
return(allowed);
}
internal void SetPermitOnly(PermissionSet permSet)
{
this.m_restriction = permSet.Copy();
FrameSecurityDescriptor.IncrementOverridesCount();
}
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc,
PermissionSet demandSet,
out PermissionSet alteredDemandSet)
{
PermissionSet permSet;
// In the common case we are not going to alter the demand set, so just to
// be safe we'll set it to null up front.
// There's some oddness in here to deal with exceptions. The general idea behind
// this is that we need some way of dealing with custom permissions that may not
// handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly
// (they don't support it, throw null reference exceptions, etc.).
alteredDemandSet = null;
// An empty demand always succeeds.
if (demandSet == null || demandSet.IsEmpty())
{
return(StackHalt);
}
// In the case of permit only, we define an exception to be failure of the check
// and therefore we throw a security exception.
try
{
permSet = secDesc.GetPermitOnly();
if (permSet != null)
{
if (!demandSet.IsSubsetOf(permSet))
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
}
}
catch (Exception)
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
// In the case of denial, we define an exception to be failure of the check
// and therefore we throw a security exception.
try
{
permSet = secDesc.GetDenials();
#if _DEBUG
if (debug)
{
DEBUG_OUT("Checking Denials");
DEBUG_OUT("denials set =\n" + permSet.ToXml().ToString());
DEBUG_OUT("demandSet =\n" + demandSet.ToXml().ToString());
}
#endif
if (permSet != null)
{
PermissionSet intersection = demandSet.Intersect(permSet);
if (intersection != null && !intersection.IsEmpty())
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
}
}
catch (Exception)
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
// The assert case is more complex. Since asserts have the ability to "bleed through"
// (where part of a demand is handled by an assertion, but the rest is passed on to
// continue the stackwalk), we need to be more careful in handling the "failure" case.
// Therefore, if an exception is thrown in performing any operation, we make sure to keep
// that permission in the demand set thereby continuing the demand for that permission
// walking down the stack.
if (secDesc.GetAssertAllPossible())
{
return(StackHalt);
}
permSet = secDesc.GetAssertions();
if (permSet != null)
{
// If this frame asserts a superset of the demand set we're done
try
{
if (demandSet.IsSubsetOf(permSet))
{
return(StackHalt);
}
}
catch (Exception)
{
}
// Determine whether any of the demand set asserted. We do this by
// copying the demand set and removing anything in it that is asserted.
if (!permSet.IsUnrestricted())
{
PermissionSetEnumerator enumerator = (PermissionSetEnumerator)demandSet.GetEnumerator();
while (enumerator.MoveNext())
{
IPermission perm
= (IPermission)enumerator.Current;
int i = enumerator.GetCurrentIndex();
if (perm != null)
{
bool unrestricted = perm is System.Security.Permissions.IUnrestrictedPermission;
IPermission assertPerm
= (IPermission)permSet.GetPermission(i, unrestricted);
bool removeFromAlteredDemand = false;
try
{
removeFromAlteredDemand = perm.IsSubsetOf(assertPerm);
}
catch (Exception)
{
}
if (removeFromAlteredDemand)
{
if (alteredDemandSet == null)
{
alteredDemandSet = demandSet.Copy();
}
alteredDemandSet.RemovePermission(i, unrestricted);
}
}
}
}
}
return(StackContinue);
}
[System.Security.SecurityCritical] // auto-generated
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || m_assertions.IsUnrestricted();
IncrementAssertCount();
}
public void IsSubset_NonCasPermission_Unrestricted ()
{
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (new PrincipalPermission (PermissionState.Unrestricted));
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Assert.IsTrue (!ps1.IsSubsetOf (null), "PS1.IsSubset(null)");
Assert.IsTrue (!ps1.IsSubsetOf (ps2), "PS1.IsSubset(None)");
Assert.IsTrue (ps2.IsSubsetOf (ps1), "None.IsSubset(PS1)");
PermissionSet ps3 = ps1.Copy ();
Assert.IsTrue (ps1.IsSubsetOf (ps3), "PS1.IsSubset(PS3)");
Assert.IsTrue (ps3.IsSubsetOf (ps1), "PS3.IsSubset(PS1)");
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
#if NET_2_0
Assert.IsTrue (ps1.IsSubsetOf (ups1), "PS1.IsSubset(Unrestricted)");
#else
Assert.IsTrue (!ps1.IsSubsetOf (ups1), "PS1.IsSubset(Unrestricted)");
#endif
Assert.IsTrue (!ups1.IsSubsetOf (ps1), "Unrestricted.IsSubset(PS1)");
}
[System.Security.SecurityCritical] // auto-generated
internal void SetPermitOnly(PermissionSet permSet)
{
// permSet must not be null
m_restriction = permSet.Copy();
IncrementOverridesCount();
}
internal void SetDeny(PermissionSet permSet)
{
this.m_denials = permSet.Copy();
FrameSecurityDescriptor.IncrementOverridesCount();
}
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g)
{
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
}
}
[System.Security.SecurityCritical] // auto-generated
internal void SetDeny(PermissionSet permSet)
{
m_denials = permSet.Copy();
IncrementOverridesCount();
}
internal void SetPermitOnly(PermissionSet permSet)
{
this.m_restriction = permSet.Copy();
IncrementOverridesCount();
}
public void Union_OnePermission ()
{
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.Assertion);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (sp);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Compare ("PS1 U null", ps1.Union (null), false, 1);
Compare ("PS1 U None", ps1.Union (ps2), false, 1);
Compare ("None U PS1", ps2.Union (ps1), false, 1);
PermissionSet ps3 = ps1.Copy ();
Compare ("PS1 U PS3", ps1.Union (ps3), false, 1);
Compare ("PS3 U PS1", ps3.Union (ps1), false, 1);
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
Compare ("PS1 U Unrestricted", ps1.Union (ups1), true, 0);
Compare ("Unrestricted U PS1", ups1.Union (ps1), true, 0);
}
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc,
PermissionSet demandSet,
out PermissionSet alteredDemandSet)
{
PermissionSet permSet;
// In the common case we are not going to alter the demand set, so just to
// be safe we'll set it to null up front.
// There's some oddness in here to deal with exceptions. The general idea behind
// this is that we need some way of dealing with custom permissions that may not
// handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly
// (they don't support it, throw null reference exceptions, etc.).
alteredDemandSet = null;
// An empty demand always succeeds.
if (demandSet == null || demandSet.IsEmpty())
return StackHalt;
// In the case of permit only, we define an exception to be failure of the check
// and therefore we throw a security exception.
try
{
permSet = secDesc.GetPermitOnly();
if (permSet != null)
{
if (!demandSet.IsSubsetOf(permSet))
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
}
}
catch (Exception)
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
// In the case of denial, we define an exception to be failure of the check
// and therefore we throw a security exception.
try
{
permSet = secDesc.GetDenials();
#if _DEBUG
if (debug)
{
DEBUG_OUT("Checking Denials");
DEBUG_OUT("denials set =\n" + permSet.ToXml().ToString() );
DEBUG_OUT("demandSet =\n" + demandSet.ToXml().ToString() );
}
#endif
if (permSet != null)
{
PermissionSet intersection = demandSet.Intersect(permSet);
if (intersection != null && !intersection.IsEmpty())
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
}
}
catch (Exception)
{
throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
// The assert case is more complex. Since asserts have the ability to "bleed through"
// (where part of a demand is handled by an assertion, but the rest is passed on to
// continue the stackwalk), we need to be more careful in handling the "failure" case.
// Therefore, if an exception is thrown in performing any operation, we make sure to keep
// that permission in the demand set thereby continuing the demand for that permission
// walking down the stack.
if (secDesc.GetAssertAllPossible())
{
return StackHalt;
}
permSet = secDesc.GetAssertions();
if (permSet != null)
{
// If this frame asserts a superset of the demand set we're done
try
{
if (demandSet.IsSubsetOf( permSet ))
return StackHalt;
}
catch (Exception)
{
}
// Determine whether any of the demand set asserted. We do this by
// copying the demand set and removing anything in it that is asserted.
if (!permSet.IsUnrestricted())
{
PermissionSetEnumerator enumerator = (PermissionSetEnumerator)demandSet.GetEnumerator();
while (enumerator.MoveNext())
{
IPermission perm
= (IPermission)enumerator.Current;
int i = enumerator.GetCurrentIndex();
if (perm != null)
{
bool unrestricted = perm is System.Security.Permissions.IUnrestrictedPermission;
IPermission assertPerm
= (IPermission)permSet.GetPermission(i, unrestricted);
bool removeFromAlteredDemand = false;
try
{
removeFromAlteredDemand = perm.IsSubsetOf(assertPerm);
}
catch (Exception)
{
}
if (removeFromAlteredDemand)
{
if (alteredDemandSet == null)
alteredDemandSet = demandSet.Copy();
alteredDemandSet.RemovePermission(i, unrestricted);
}
}
}
}
}
return StackContinue;
}
public void Copy_None ()
{
PermissionSet ps = new PermissionSet (PermissionState.None);
PermissionSet copy = ps.Copy ();
Assert.IsTrue (!copy.IsUnrestricted (), "1.State");
Assert.AreEqual (0, copy.Count, "1.Count");
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.ControlEvidence);
IPermission result = ps.AddPermission (sp);
Assert.IsNotNull (result, "1.Add");
copy = ps.Copy ();
Assert.IsTrue (!copy.IsUnrestricted (), "2.State");
Assert.AreEqual (1, copy.Count, "2.Count");
ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.MyComputer);
result = ps.AddPermission (zip);
Assert.IsNotNull (result, "2.Add");
copy = ps.Copy ();
Assert.IsTrue (!copy.IsUnrestricted (), "3.State");
Assert.AreEqual (2, copy.Count, "3.Count");
}
public PermissionSet Union(PermissionSet other)
{
// if other is null or empty, return a clone of myself
if (other == null || other.FastIsEmpty())
{
return this.Copy();
}
if (this.FastIsEmpty())
{
return other.Copy();
}
int maxMax = -1;
PermissionSet pset = new PermissionSet();
pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted;
if (pset.m_Unrestricted)
{
// if the result of Union is unrestricted permset, just return
return pset;
}
// degenerate case where we look at both this.m_permSet and other.m_permSet
this.CheckSet();
other.CheckSet();
maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex();
pset.m_permSet = new TokenBasedSet();
for (int i = 0; i <= maxMax; ++i)
{
Object thisObj = this.m_permSet.GetItem( i );
IPermission thisPerm = thisObj as IPermission;
#if FEATURE_CAS_POLICY
ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY
Object otherObj = other.m_permSet.GetItem( i );
IPermission otherPerm = otherObj as IPermission;
#if FEATURE_CAS_POLICY
ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY
if (thisObj == null && otherObj == null)
continue;
#if FEATURE_CAS_POLICY
if (thisElem != null && otherElem != null)
{
SecurityElement newElem;
if (this.IsUnrestricted() || other.IsUnrestricted())
newElem = new SecurityElement( s_str_PermissionUnrestrictedUnion );
else
newElem = new SecurityElement( s_str_PermissionUnion );
newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
SafeChildAdd( newElem, thisElem, true );
SafeChildAdd( newElem, otherElem, true );
pset.m_permSet.SetItem( i, newElem );
}
else
#endif // FEATURE_CAS_POLICY
if (thisObj == null)
{
#if FEATURE_CAS_POLICY
if (otherElem != null)
{
pset.m_permSet.SetItem( i, otherElem.Copy() );
Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
}
else
#endif // FEATURE_CAS_POLICY
if (otherPerm != null)
{
PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
{
pset.m_permSet.SetItem( i, otherPerm.Copy() );
Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
}
}
}
else if (otherObj == null)
{
#if FEATURE_CAS_POLICY
if (thisElem != null)
{
pset.m_permSet.SetItem( i, thisElem.Copy() );
}
else
#endif // FEATURE_CAS_POLICY
if (thisPerm != null)
{
PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
{
pset.m_permSet.SetItem( i, thisPerm.Copy() );
Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
}
}
}
else
{
#if FEATURE_CAS_POLICY
if (thisElem != null)
thisPerm = this.CreatePermission(thisElem, i);
if (otherElem != null)
otherPerm = other.CreatePermission(otherElem, i);
#endif // FEATURE_CAS_POLICY
IPermission unionPerm;
if(thisPerm == null)
unionPerm = otherPerm;
else if(otherPerm == null)
unionPerm = thisPerm;
else
unionPerm = thisPerm.Union( otherPerm );
pset.m_permSet.SetItem( i, unionPerm );
Contract.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
}
}
return pset;
}
public void FromXmlEmpty ()
{
PermissionSet ps = new PermissionSet (PermissionState.None);
SecurityElement se = ps.ToXml ();
Assert.IsNotNull (se, "Empty.ToXml()");
Assert.AreEqual (0, ps.Count, "Empty.Count");
PermissionSet ps2 = (PermissionSet) ps.Copy ();
ps2.FromXml (se);
Assert.IsTrue (!ps2.IsUnrestricted () , "FromXml-Copy.IsUnrestricted");
se.AddAttribute ("Unrestricted", "true");
ps2.FromXml (se);
Assert.IsTrue (ps2.IsUnrestricted (), "FromXml-Unrestricted.IsUnrestricted");
}
internal static PermissionSet RemoveRefusedPermissionSet(PermissionSet assertSet, PermissionSet refusedSet, out bool bFailedToCompress)
{
Contract.Assert((assertSet == null || !assertSet.IsUnrestricted()), "Cannot be unrestricted here");
PermissionSet retPs = null;
bFailedToCompress = false;
if (assertSet == null)
return null;
if (refusedSet != null)
{
if (refusedSet.IsUnrestricted())
return null; // we're refusing everything...cannot assert anything now.
PermissionSetEnumeratorInternal enumerator = new PermissionSetEnumeratorInternal(refusedSet);
while (enumerator.MoveNext())
{
CodeAccessPermission refusedPerm = (CodeAccessPermission)enumerator.Current;
int i = enumerator.GetCurrentIndex();
if (refusedPerm != null)
{
CodeAccessPermission perm
= (CodeAccessPermission)assertSet.GetPermission(i);
try
{
if (refusedPerm.Intersect(perm) != null)
{
if (refusedPerm.Equals(perm))
{
if (retPs == null)
retPs = assertSet.Copy();
retPs.RemovePermission(i);
}
else
{
// Asserting a permission, part of which is already denied/refused
// cannot compress this assert
bFailedToCompress = true;
return assertSet;
}
}
}
catch (ArgumentException)
{
// Any exception during removing a refused set from assert set => we play it safe and not assert that perm
if (retPs == null)
retPs = assertSet.Copy();
retPs.RemovePermission(i);
}
}
}
}
if (retPs != null)
return retPs;
return assertSet;
}
public void GetHashCode_ ()
{
PermissionSet ps = new PermissionSet (PermissionState.None);
Assert.AreEqual (0, ps.GetHashCode (), "Empty");
SecurityPermission sp = new SecurityPermission (SecurityPermissionFlag.Assertion);
ps.AddPermission (sp);
Assert.IsTrue (ps.GetHashCode () != 0, "SecurityPermission");
PermissionSet copy = ps.Copy ();
Assert.IsTrue (ps.GetHashCode () != copy.GetHashCode (), "Copy");
}
internal static void RemoveAssertedPermissionSet(PermissionSet demandSet, PermissionSet assertSet, out PermissionSet alteredDemandSet)
{
Contract.Assert(!assertSet.IsUnrestricted(), "Cannot call this function if assertSet is unrestricted");
alteredDemandSet = null;
PermissionSetEnumeratorInternal enumerator = new PermissionSetEnumeratorInternal(demandSet);
while (enumerator.MoveNext())
{
CodeAccessPermission demandDerm = (CodeAccessPermission)enumerator.Current;
int i = enumerator.GetCurrentIndex();
if (demandDerm != null)
{
CodeAccessPermission assertPerm
= (CodeAccessPermission)assertSet.GetPermission(i);
try
{
if (demandDerm.CheckAssert(assertPerm))
{
if (alteredDemandSet == null)
alteredDemandSet = demandSet.Copy();
alteredDemandSet.RemovePermission(i);
}
}
catch (ArgumentException)
{
}
}
}
return;
}
public void Intersect_OneNonIUnrestrictedPermission ()
{
ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.MyComputer);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (zip);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Assert.IsNull (ps1.Intersect (null), "PS1 N null");
Assert.IsNull (ps1.Intersect (ps2), "PS1 N None");
Assert.IsNull (ps2.Intersect (ps1), "None N PS1");
PermissionSet ps3 = ps1.Copy ();
Compare ("PS1 N PS3", ps1.Intersect (ps3), false, 1);
Compare ("PS3 N PS1", ps3.Intersect (ps1), false, 1);
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
ups1.AddPermission (zip);
Compare ("PS1 N Unrestricted", ps1.Intersect (ups1), false, 1);
Compare ("Unrestricted N PS1", ups1.Intersect (ps1), false, 1);
PermissionSet ups2 = new PermissionSet (PermissionState.Unrestricted);
Compare ("UPS1 N UPS2", ups1.Intersect (ups2), true, 0);
Compare ("UPS2 N UPS1", ups2.Intersect (ups1), true, 0);
ups2.AddPermission (zip);
#if NET_2_0
// Identity permissions aren't added to unrestricted permission sets in 2.0
Compare ("UPS1 N UPS2+ZIP", ups1.Intersect (ups2), true, 0);
Compare ("UPS2+ZIP N UPS1", ups2.Intersect (ups1), true, 0);
#else
Compare ("UPS1 N UPS2+ZIP", ups1.Intersect (ups2), true, 1);
Compare ("UPS2+ZIP N UPS1", ups2.Intersect (ups1), true, 1);
#endif
}
public PermissionSet Intersect (PermissionSet other)
{
// no intersection possible
if ((other == null) || (other.IsEmpty ()) || (this.IsEmpty ()))
return null;
PermissionState state = PermissionState.None;
if (this.IsUnrestricted () && other.IsUnrestricted ())
state = PermissionState.Unrestricted;
PermissionSet interSet = null;
// much simpler with 2.0
if (state == PermissionState.Unrestricted) {
interSet = new PermissionSet (state);
} else if (this.IsUnrestricted ()) {
interSet = other.Copy ();
} else if (other.IsUnrestricted ()) {
interSet = this.Copy ();
} else {
interSet = new PermissionSet (state);
InternalIntersect (interSet, this, other, false);
}
return interSet;
}
public void IsSubset_OneNonIUnrestrictedPermission ()
{
ZoneIdentityPermission zip = new ZoneIdentityPermission (SecurityZone.MyComputer);
PermissionSet ps1 = new PermissionSet (PermissionState.None);
ps1.AddPermission (zip);
PermissionSet ps2 = new PermissionSet (PermissionState.None);
Assert.IsTrue (!ps1.IsSubsetOf (null), "PS1.IsSubset(null)");
Assert.IsTrue (!ps1.IsSubsetOf (ps2), "PS1.IsSubset(None)");
Assert.IsTrue (ps2.IsSubsetOf (ps1), "None.IsSubset(PS1)");
PermissionSet ps3 = ps1.Copy ();
Assert.IsTrue (ps1.IsSubsetOf (ps3), "PS1.IsSubset(PS3)");
Assert.IsTrue (ps3.IsSubsetOf (ps1), "PS3.IsSubset(PS1)");
PermissionSet ups1 = new PermissionSet (PermissionState.Unrestricted);
ups1.AddPermission (zip);
Assert.IsTrue (ps1.IsSubsetOf (ups1), "PS1.IsSubset(Unrestricted)");
Assert.IsTrue (!ups1.IsSubsetOf (ps1), "Unrestricted.IsSubset(PS1)");
PermissionSet ups2 = new PermissionSet (PermissionState.Unrestricted);
#if NET_2_0
// as ZoneIdentityPermission isn't added UPS1Z == UPS2
Assert.IsTrue (ups1.IsSubsetOf (ups2), "UPS1Z.IsSubset(UPS2)");
#else
Assert.IsTrue (!ups1.IsSubsetOf (ups2), "UPS1Z.IsSubset(UPS2)");
#endif
Assert.IsTrue (ups2.IsSubsetOf (ups1), "UPS2.IsSubset(UPS1Z)");
ups2.AddPermission (zip);
Assert.IsTrue (ups1.IsSubsetOf (ups2), "UPS1Z.IsSubset(UPS2Z)");
Assert.IsTrue (ups2.IsSubsetOf (ups1), "UPS2Z.IsSubset(UPS1Z)");
}
internal static PermissionSet ComputeZonePermissionSetHelper(string targetZone, PermissionSet includedPermissionSet, ITaskItem[] dependencies, string targetFrameworkMoniker)
{
// Custom Set.
if (String.IsNullOrEmpty(targetZone) || String.Equals(targetZone, Custom, StringComparison.OrdinalIgnoreCase))
{
// just return the included set, no magic
return includedPermissionSet.Copy();
}
PermissionSet retSet = GetNamedPermissionSetFromZone(targetZone, dependencies, targetFrameworkMoniker);
return retSet;
}
[System.Security.SecurityCritical] // auto-generated
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || m_assertions.IsUnrestricted();
IncrementAssertCount();
}
[System.Security.SecurityCritical] // auto-generated
static private PermissionSet ResolvePolicy(Evidence evidence,
PermissionSet reqdPset,
PermissionSet optPset,
PermissionSet denyPset,
out PermissionSet denied,
bool checkExecutionPermission)
{
Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled);
if (executionSecurityPermission == null)
executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution);
PermissionSet requested = null;
PermissionSet optional;
PermissionSet allowed;
Exception savedException = null;
// We don't want to recurse back into here as a result of a
// stackwalk during resolution. So simply assert full trust (this
// implies that custom permissions cannot use any permissions that
// don't implement IUnrestrictedPermission.
// PermissionSet.s_fullTrust.Assert();
// The requested set is the union of the minimal request and the
// optional request. Minimal request defaults to empty, optional
// is "AllPossible" (includes any permission that can be defined)
// which is symbolized by null.
optional = optPset;
if (reqdPset == null)
requested = optional;
else
// If optional is null, the requested set becomes null/"AllPossible".
requested = optional == null ? null : reqdPset.Union(optional);
// Make sure that the right to execute is requested (if this feature is
// enabled).
if (requested != null && !requested.IsUnrestricted())
requested.AddPermission( executionSecurityPermission );
// If we aren't passed any evidence, just make an empty object
if (evidence == null)
{
evidence = new Evidence();
}
allowed = polmgr.Resolve(evidence);
// Intersect the grant with the RequestOptional
if (requested != null)
allowed.InplaceIntersect(requested);
// Check that we were granted the right to execute.
if (checkExecutionPermission)
{
if (!allowed.Contains(executionSecurityPermission) ||
(denyPset != null && denyPset.Contains(executionSecurityPermission)))
{
throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"),
System.__HResults.CORSEC_E_NO_EXEC_PERM,
savedException);
}
}
// Check that we were granted at least the minimal set we asked for. Do
// this before pruning away any overlap with the refused set so that
// users have the flexability of defining minimal permissions that are
// only expressable as set differences (e.g. allow access to "C:\" but
// disallow "C:\Windows").
if (reqdPset != null && !reqdPset.IsSubsetOf(allowed))
{
BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled");
throw new PolicyException(Environment.GetResourceString( "Policy_NoRequiredPermission" ),
System.__HResults.CORSEC_E_MIN_GRANT_FAIL,
savedException );
}
// Remove any granted permissions that are safe subsets of some denied
// permission. The remaining denied permissions (if any) are returned
// along with the modified grant set for use in checks.
if (denyPset != null)
{
BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled");
denied = denyPset.Copy();
allowed.MergeDeniedSet(denied);
if (denied.IsEmpty())
denied = null;
}
else
denied = null;
allowed.IgnoreTypeLoadFailures = true;
return allowed;
}
[System.Security.SecurityCritical] // auto-generated
internal void SetPermitOnly(PermissionSet permSet)
{
// permSet must not be null
m_restriction = permSet.Copy();
IncrementOverridesCount();
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g, out ZoneIdentityPermission z,out UrlIdentityPermission u)
{
z = null;
u = null;
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
z = (ZoneIdentityPermission)in_g.GetPermission(ZoneToken);
u = (UrlIdentityPermission)in_g.GetPermission(UrlToken);
}
}