public void PermissionSetNull () { // no exception is thrown PermissionSet ps = new PermissionSet (null); #if NET_2_0 Assert ("PermissionStateNull.IsUnrestricted", !ps.IsUnrestricted ()); Assert ("PermissionStateNull.IsEmpty", ps.IsEmpty ()); #else Assert ("PermissionStateNull.IsUnrestricted", ps.IsUnrestricted ()); Assert ("PermissionStateNull.IsEmpty", !ps.IsEmpty ()); #endif Assert ("PermissionStateNull.IsReadOnly", !ps.IsReadOnly); AssertEquals ("PermissionStateNull.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ()); }
public void PermissionSetNull () { // no exception is thrown PermissionSet ps = new PermissionSet (null); #if NET_2_0 Assert.IsTrue (!ps.IsUnrestricted (), "PermissionStateNull.IsUnrestricted"); Assert.IsTrue (ps.IsEmpty (), "PermissionStateNull.IsEmpty"); #else Assert.IsTrue (ps.IsUnrestricted (), "PermissionStateNull.IsUnrestricted"); Assert.IsTrue (!ps.IsEmpty (), "PermissionStateNull.IsEmpty"); #endif Assert.IsTrue (!ps.IsReadOnly, "PermissionStateNull.IsReadOnly"); Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionStateNull.ToXml().ToString()==ToString()"); Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions"); }
public void PermissionStateUnrestricted () { PermissionSet ps = new PermissionSet (PermissionState.Unrestricted); Assert ("PermissionStateUnrestricted.IsUnrestricted", ps.IsUnrestricted ()); Assert ("PermissionStateUnrestricted.IsEmpty", !ps.IsEmpty ()); Assert ("PermissionStateUnrestricted.IsReadOnly", !ps.IsReadOnly); AssertEquals ("PermissionStateUnrestricted.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ()); }
public void PermissionStateUnrestricted () { PermissionSet ps = new PermissionSet (PermissionState.Unrestricted); Assert.IsTrue (ps.IsUnrestricted (), "PermissionStateUnrestricted.IsUnrestricted"); Assert.IsTrue (!ps.IsEmpty (), "PermissionStateUnrestricted.IsEmpty"); Assert.IsTrue (!ps.IsReadOnly, "PermissionStateUnrestricted.IsReadOnly"); Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionStateUnrestricted.ToXml().ToString()==ToString()"); Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions"); }
public void PermissionSetPermissionSet () { FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open); PermissionSet ps1 = new PermissionSet (PermissionState.None); ps1.AddPermission (fdp); Assert ("ps1.IsEmpty", !ps1.IsEmpty ()); PermissionSet ps = new PermissionSet (ps1); Assert ("PermissionSetPermissionSet.IsUnrestricted", !ps.IsUnrestricted ()); Assert ("PermissionSetPermissionSet.IsEmpty", !ps.IsEmpty ()); Assert ("PermissionSetPermissionSet.IsReadOnly", !ps.IsReadOnly); AssertEquals ("PermissionSetPermissionSet.ToXml().ToString()==ToString()", ps.ToXml ().ToString (), ps.ToString ()); }
public void PermissionSetPermissionSet () { FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open); PermissionSet ps1 = new PermissionSet (PermissionState.None); ps1.AddPermission (fdp); Assert.IsTrue (!ps1.IsEmpty (), "ps1.IsEmpty"); PermissionSet ps = new PermissionSet (ps1); Assert.IsTrue (!ps.IsUnrestricted (), "PermissionSetPermissionSet.IsUnrestricted"); Assert.IsTrue (!ps.IsEmpty (), "PermissionSetPermissionSet.IsEmpty"); Assert.IsTrue (!ps.IsReadOnly, "PermissionSetPermissionSet.IsReadOnly"); Assert.AreEqual (ps.ToXml ().ToString (), ps.ToString (), "PermissionSetPermissionSet.ToXml().ToString()==ToString()"); Assert.IsTrue (!ps.ContainsNonCodeAccessPermissions (), "ContainsNonCodeAccessPermissions"); }
public bool IsSubsetOf(PermissionSet target) { // if target is empty we must be empty too if ((target == null) || (target.IsEmpty())) { return(this.IsEmpty()); } // all permissions support unrestricted in 2.0 if (target.IsUnrestricted()) { return(true); } if (this.IsUnrestricted()) { return(false); }
public bool IsSubsetOf(PermissionSet target) { // if target is empty we must be empty too if ((target == null) || (target.IsEmpty())) { return(this.IsEmpty()); } // all permissions support unrestricted in 2.0 if (target.IsUnrestricted()) { return(true); } if (this.IsUnrestricted()) { return(false); } if (this.IsUnrestricted() && ((target == null) || !target.IsUnrestricted())) { return(false); } // if each of our permission is (a) present and (b) a subset of target foreach (IPermission p in list) { // non CAS permissions must be evaluated for unrestricted Type t = p.GetType(); IPermission i = null; if (target.IsUnrestricted() && (p is CodeAccessPermission) && (p is IUnrestrictedPermission)) { i = (IPermission)Activator.CreateInstance(t, psUnrestricted); } else { i = target.GetPermission(t); } if (!p.IsSubsetOf(i)) { return(false); // not a subset (condition b) } } return(true); }
// Form the intersection of this permission set and another. public virtual PermissionSet Intersect(PermissionSet other) { PermissionSet pset; if (other == null) { pset = new PermissionSet(PermissionState.None); } else if (!IsUnrestricted() || !other.IsUnrestricted()) { pset = new PermissionSet(PermissionState.None); } else { pset = new PermissionSet(PermissionState.Unrestricted); } if (other == null || other.IsEmpty() || IsEmpty()) { return(pset); } IEnumerator e = other.GetEnumerator(); IPermission permOther, permThis; int index; while (e.MoveNext()) { permOther = (e.Current as IPermission); if (permOther != null) { index = FindPermission(permOther.GetType()); if (index != -1) { permThis = (IPermission)(permissions[index]); permThis = permThis.Intersect(permOther); if (permThis != null) { pset.AddPermission(permThis); } } } } return(pset); }
private static void CheckSetHelper(PermissionSet grants, PermissionSet denied, PermissionSet demands) { #if _DEBUG if (debug) { DEBUG_OUT("Granted: "); DEBUG_OUT(grants.ToXml().ToString()); DEBUG_OUT("Denied: "); DEBUG_OUT(denied != null ? denied.ToXml().ToString() : "<null>"); DEBUG_OUT("Demanded: "); DEBUG_OUT(demands != null ? demands.ToXml().ToString() : "<null>"); } #endif if (demands == null || demands.IsEmpty()) { return; // demanding the empty set always passes. } if (grants == null) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } if (!grants.IsUnrestricted() || (denied != null)) { if (demands.IsUnrestricted()) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), grants, denied); } if (denied != null && denied.IsUnrestricted() && demands.m_unrestrictedPermSet.GetCount() != 0) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } CheckTokenBasedSetHelper(grants.IsUnrestricted(), grants.m_unrestrictedPermSet, denied != null ? denied.m_unrestrictedPermSet : null, demands.m_unrestrictedPermSet); } CheckTokenBasedSetHelper(false, grants.m_normalPermSet, denied != null ? denied.m_normalPermSet : null, demands.m_normalPermSet); }
#pragma warning disable 169 private static bool LinkDemandFullTrust(Assembly a) { // FullTrust is immutable (and means Unrestricted) // so we can skip the subset operations and jump to IsUnrestricted. PermissionSet granted = a.GrantedPermissionSet; if ((granted != null) && !granted.IsUnrestricted()) { return(false); } PermissionSet denied = a.DeniedPermissionSet; if ((denied != null) && !denied.IsEmpty()) { return(false); } return(true); }
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset) { if (pset == null) { throw new ArgumentNullException("pset"); } this.ThrowIfGeneric(); if ((!Enum.IsDefined(typeof(SecurityAction), action) || (action == SecurityAction.RequestMinimum)) || ((action == SecurityAction.RequestOptional) || (action == SecurityAction.RequestRefuse))) { throw new ArgumentOutOfRangeException("action"); } this.m_containingType.ThrowIfCreated(); byte[] blob = null; int cb = 0; if (!pset.IsEmpty()) { blob = pset.EncodeXml(); cb = blob.Length; } TypeBuilder.AddDeclarativeSecurity(this.m_module.GetNativeHandle(), this.MetadataTokenInternal, action, blob, cb); }
internal static bool TryResolveGrantSet(Evidence evidence, out PermissionSet grantSet) { HostSecurityManager hostSecurityManager = AppDomain.CurrentDomain.HostSecurityManager; if (evidence.GetHostEvidence <GacInstalled>() != null) { grantSet = new PermissionSet(PermissionState.Unrestricted); return(true); } if ((hostSecurityManager.Flags & HostSecurityManagerOptions.HostResolvePolicy) == HostSecurityManagerOptions.HostResolvePolicy) { PermissionSet target = hostSecurityManager.ResolvePolicy(evidence); if (target == null) { throw new PolicyException(Environment.GetResourceString("Policy_NullHostGrantSet", new object[] { hostSecurityManager.GetType().FullName })); } if (AppDomain.CurrentDomain.IsHomogenous) { if (target.IsEmpty()) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission")); } PermissionSet permissionSet = AppDomain.CurrentDomain.ApplicationTrust.DefaultGrantSet.PermissionSet; if (!(target.IsUnrestricted() || (target.IsSubsetOf(permissionSet) && permissionSet.IsSubsetOf(target)))) { throw new PolicyException(Environment.GetResourceString("Policy_GrantSetDoesNotMatchDomain", new object[] { hostSecurityManager.GetType().FullName })); } } grantSet = target; return(true); } if (AppDomain.CurrentDomain.IsHomogenous) { grantSet = AppDomain.CurrentDomain.GetHomogenousGrantSet(evidence); return(true); } grantSet = null; return(false); }
public PermissionSet Intersect(PermissionSet other) { // no intersection possible if ((other == null) || (other.IsEmpty()) || (this.IsEmpty())) { return(null); } PermissionState state = PermissionState.None; if (this.IsUnrestricted() && other.IsUnrestricted()) { state = PermissionState.Unrestricted; } PermissionSet interSet = null; // much simpler with 2.0 if (state == PermissionState.Unrestricted) { interSet = new PermissionSet(state); } else if (this.IsUnrestricted()) { interSet = other.Copy(); } else if (other.IsUnrestricted()) { interSet = this.Copy(); } else { interSet = new PermissionSet(state); InternalIntersect(interSet, this, other, false); } return(interSet); }
public void FromXmlOne () { FileDialogPermission fdp = new FileDialogPermission (FileDialogPermissionAccess.Open); PermissionSet ps1 = new PermissionSet (PermissionState.None); ps1.AddPermission (fdp); Assert.IsTrue (!ps1.IsEmpty (), "ps1.IsEmpty"); PermissionSet ps = new PermissionSet (ps1); SecurityElement se = ps.ToXml (); Assert.IsNotNull (se, "One.ToXml()"); Assert.AreEqual (1, ps.Count, "One.Count"); PermissionSet ps2 = (PermissionSet) ps.Copy (); ps2.FromXml (se); Assert.IsTrue (!ps2.IsUnrestricted () , "FromXml-Copy.IsUnrestricted"); Assert.AreEqual (1, ps2.Count, "Copy.Count"); se.AddAttribute ("Unrestricted", "true"); ps2.FromXml (se); Assert.IsTrue (ps2.IsUnrestricted (), "FromXml-Unrestricted.IsUnrestricted"); #if NET_2_0 Assert.AreEqual (0, ps2.Count, "Unrestricted.Count"); #else // IPermission not shown in XML but still present in Count Assert.AreEqual (1, ps2.Count, "Unrestricted.Count"); #endif }
public void AddPermission_NonCasPermission () { PermissionSet ps = new PermissionSet (PermissionState.None); ps.AddPermission (new PrincipalPermission ("name", "role")); Assert.AreEqual (1, ps.Count, "Count"); Assert.IsTrue (!ps.IsEmpty (), "IsEmpty"); }
[System.Security.SecurityCritical] // auto-generated private void AddDeclarativeSecurityNoLock(SecurityAction action, PermissionSet pset) { if (pset == null) throw new ArgumentNullException("pset"); #pragma warning disable 618 if (!Enum.IsDefined(typeof(SecurityAction), action) || action == SecurityAction.RequestMinimum || action == SecurityAction.RequestOptional || action == SecurityAction.RequestRefuse) { throw new ArgumentOutOfRangeException("action"); } #pragma warning restore 618 Contract.EndContractBlock(); ThrowIfCreated(); // Translate permission set into serialized format(uses standard binary serialization format). byte[] blob = null; int length = 0; if (!pset.IsEmpty()) { blob = pset.EncodeXml(); length = blob.Length; } // Write the blob into the metadata. AddDeclarativeSecurity(m_module.GetNativeHandle(), m_tdType.Token, action, blob, length); }
[System.Security.SecurityCritical] // auto-generated static private PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission) { Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled); if (executionSecurityPermission == null) { executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution); } PermissionSet requested = null; PermissionSet optional; PermissionSet allowed; Exception savedException = null; // We don't want to recurse back into here as a result of a // stackwalk during resolution. So simply assert full trust (this // implies that custom permissions cannot use any permissions that // don't implement IUnrestrictedPermission. // PermissionSet.s_fullTrust.Assert(); // The requested set is the union of the minimal request and the // optional request. Minimal request defaults to empty, optional // is "AllPossible" (includes any permission that can be defined) // which is symbolized by null. optional = optPset; if (reqdPset == null) { requested = optional; } else { // If optional is null, the requested set becomes null/"AllPossible". requested = optional == null ? null : reqdPset.Union(optional); } // Make sure that the right to execute is requested (if this feature is // enabled). if (requested != null && !requested.IsUnrestricted()) { requested.AddPermission(executionSecurityPermission); } // If we aren't passed any evidence, just make an empty object if (evidence == null) { evidence = new Evidence(); } allowed = polmgr.Resolve(evidence); // Intersect the grant with the RequestOptional if (requested != null) { allowed.InplaceIntersect(requested); } // Check that we were granted the right to execute. if (checkExecutionPermission) { if (!allowed.Contains(executionSecurityPermission) || (denyPset != null && denyPset.Contains(executionSecurityPermission))) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), System.__HResults.CORSEC_E_NO_EXEC_PERM, savedException); } } // Check that we were granted at least the minimal set we asked for. Do // this before pruning away any overlap with the refused set so that // users have the flexability of defining minimal permissions that are // only expressable as set differences (e.g. allow access to "C:\" but // disallow "C:\Windows"). if (reqdPset != null && !reqdPset.IsSubsetOf(allowed)) { BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled"); throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), System.__HResults.CORSEC_E_MIN_GRANT_FAIL, savedException); } // Remove any granted permissions that are safe subsets of some denied // permission. The remaining denied permissions (if any) are returned // along with the modified grant set for use in checks. if (denyPset != null) { BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled"); denied = denyPset.Copy(); allowed.MergeDeniedSet(denied); if (denied.IsEmpty()) { denied = null; } } else { denied = null; } allowed.IgnoreTypeLoadFailures = true; return(allowed); }
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc, PermissionSet demandSet, out PermissionSet alteredDemandSet) { PermissionSet permSet; // In the common case we are not going to alter the demand set, so just to // be safe we'll set it to null up front. // There's some oddness in here to deal with exceptions. The general idea behind // this is that we need some way of dealing with custom permissions that may not // handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly // (they don't support it, throw null reference exceptions, etc.). alteredDemandSet = null; // An empty demand always succeeds. if (demandSet == null || demandSet.IsEmpty()) { return(StackHalt); } // In the case of permit only, we define an exception to be failure of the check // and therefore we throw a security exception. try { permSet = secDesc.GetPermitOnly(); if (permSet != null) { if (!demandSet.IsSubsetOf(permSet)) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } } } catch (Exception) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } // In the case of denial, we define an exception to be failure of the check // and therefore we throw a security exception. try { permSet = secDesc.GetDenials(); #if _DEBUG if (debug) { DEBUG_OUT("Checking Denials"); DEBUG_OUT("denials set =\n" + permSet.ToXml().ToString()); DEBUG_OUT("demandSet =\n" + demandSet.ToXml().ToString()); } #endif if (permSet != null) { PermissionSet intersection = demandSet.Intersect(permSet); if (intersection != null && !intersection.IsEmpty()) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } } } catch (Exception) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } // The assert case is more complex. Since asserts have the ability to "bleed through" // (where part of a demand is handled by an assertion, but the rest is passed on to // continue the stackwalk), we need to be more careful in handling the "failure" case. // Therefore, if an exception is thrown in performing any operation, we make sure to keep // that permission in the demand set thereby continuing the demand for that permission // walking down the stack. if (secDesc.GetAssertAllPossible()) { return(StackHalt); } permSet = secDesc.GetAssertions(); if (permSet != null) { // If this frame asserts a superset of the demand set we're done try { if (demandSet.IsSubsetOf(permSet)) { return(StackHalt); } } catch (Exception) { } // Determine whether any of the demand set asserted. We do this by // copying the demand set and removing anything in it that is asserted. if (!permSet.IsUnrestricted()) { PermissionSetEnumerator enumerator = (PermissionSetEnumerator)demandSet.GetEnumerator(); while (enumerator.MoveNext()) { IPermission perm = (IPermission)enumerator.Current; int i = enumerator.GetCurrentIndex(); if (perm != null) { bool unrestricted = perm is System.Security.Permissions.IUnrestrictedPermission; IPermission assertPerm = (IPermission)permSet.GetPermission(i, unrestricted); bool removeFromAlteredDemand = false; try { removeFromAlteredDemand = perm.IsSubsetOf(assertPerm); } catch (Exception) { } if (removeFromAlteredDemand) { if (alteredDemandSet == null) { alteredDemandSet = demandSet.Copy(); } alteredDemandSet.RemovePermission(i, unrestricted); } } } } } return(StackContinue); }
public void AddDeclarativeSecurity(SecurityAction action, PermissionSet pset) { ThrowIfGeneric (); if (pset == null) throw new ArgumentNullException("pset"); if (!Enum.IsDefined(typeof(SecurityAction), action) || action == SecurityAction.RequestMinimum || action == SecurityAction.RequestOptional || action == SecurityAction.RequestRefuse ) throw new ArgumentOutOfRangeException("action"); // cannot declarative security after type is created m_containingType.ThrowIfCreated(); // Translate permission set into serialized format (uses standard binary serialization format). byte[] blob = null; if (!pset.IsEmpty()) blob = pset.EncodeXml(); // Write the blob into the metadata. TypeBuilder.InternalAddDeclarativeSecurity (m_module, MetadataTokenInternal, action, blob); }
[System.Security.SecurityCritical] // auto-generated static private PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission) { Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled); if (executionSecurityPermission == null) executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution); PermissionSet requested = null; PermissionSet optional; PermissionSet allowed; Exception savedException = null; // We don't want to recurse back into here as a result of a // stackwalk during resolution. So simply assert full trust (this // implies that custom permissions cannot use any permissions that // don't implement IUnrestrictedPermission. // PermissionSet.s_fullTrust.Assert(); // The requested set is the union of the minimal request and the // optional request. Minimal request defaults to empty, optional // is "AllPossible" (includes any permission that can be defined) // which is symbolized by null. optional = optPset; if (reqdPset == null) requested = optional; else // If optional is null, the requested set becomes null/"AllPossible". requested = optional == null ? null : reqdPset.Union(optional); // Make sure that the right to execute is requested (if this feature is // enabled). if (requested != null && !requested.IsUnrestricted()) requested.AddPermission( executionSecurityPermission ); // If we aren't passed any evidence, just make an empty object if (evidence == null) { evidence = new Evidence(); } allowed = polmgr.Resolve(evidence); // Intersect the grant with the RequestOptional if (requested != null) allowed.InplaceIntersect(requested); // Check that we were granted the right to execute. if (checkExecutionPermission) { if (!allowed.Contains(executionSecurityPermission) || (denyPset != null && denyPset.Contains(executionSecurityPermission))) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), System.__HResults.CORSEC_E_NO_EXEC_PERM, savedException); } } // Check that we were granted at least the minimal set we asked for. Do // this before pruning away any overlap with the refused set so that // users have the flexability of defining minimal permissions that are // only expressable as set differences (e.g. allow access to "C:\" but // disallow "C:\Windows"). if (reqdPset != null && !reqdPset.IsSubsetOf(allowed)) { BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled"); throw new PolicyException(Environment.GetResourceString( "Policy_NoRequiredPermission" ), System.__HResults.CORSEC_E_MIN_GRANT_FAIL, savedException ); } // Remove any granted permissions that are safe subsets of some denied // permission. The remaining denied permissions (if any) are returned // along with the modified grant set for use in checks. if (denyPset != null) { BCLDebug.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled, "Evaluating assembly level declarative security without legacy CAS policy enabled"); denied = denyPset.Copy(); allowed.MergeDeniedSet(denied); if (denied.IsEmpty()) denied = null; } else denied = null; allowed.IgnoreTypeLoadFailures = true; return allowed; }
internal static bool TryResolveGrantSet(Evidence evidence, out PermissionSet grantSet) { Contract.Assert(evidence != null); HostSecurityManager securityManager = AppDomain.CurrentDomain.HostSecurityManager; // GAC assemblies always are fully trusted if (evidence.GetHostEvidence <GacInstalled>() != null) { grantSet = new PermissionSet(PermissionState.Unrestricted); return(true); } // If the host wants to participate in policy resolution, then our next option is to ask it for // a grant set else if ((securityManager.Flags & HostSecurityManagerOptions.HostResolvePolicy) == HostSecurityManagerOptions.HostResolvePolicy) { PermissionSet hostGrantSet = securityManager.ResolvePolicy(evidence); if (hostGrantSet == null) { throw new PolicyException(Environment.GetResourceString("Policy_NullHostGrantSet", securityManager.GetType().FullName)); } // If we're in a homogenous domain, we don't want to allow the host to create multiple // levels of permissions within the domain. So, if we see the host return something other // than full trust or the homogenous grant set, we reject the grant set. if (AppDomain.CurrentDomain.IsHomogenous) { // Some hosts, such as ASP.NET, return Nothing as a way of saying that the assembly should // not be allowed to run in the AppDomain. Reject that with a specific // no-execution-allowed-here exception message, rather than the return value validation // exception message we'd hit below. if (hostGrantSet.IsEmpty()) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission")); } PermissionSet homogenousGrantSet = AppDomain.CurrentDomain.ApplicationTrust.DefaultGrantSet.PermissionSet; bool isValidGrantSet = hostGrantSet.IsUnrestricted() || (hostGrantSet.IsSubsetOf(homogenousGrantSet) && homogenousGrantSet.IsSubsetOf(hostGrantSet)); if (!isValidGrantSet) { throw new PolicyException(Environment.GetResourceString("Policy_GrantSetDoesNotMatchDomain", securityManager.GetType().FullName)); } } grantSet = hostGrantSet; return(true); } // If we're in a homogenous domain, we can get the grant set directly from the application trust else if (AppDomain.CurrentDomain.IsHomogenous) { grantSet = AppDomain.CurrentDomain.GetHomogenousGrantSet(evidence); return(true); } // Otherwise we have no way to figure out what the grant set is else { grantSet = null; return(false); } }
internal static int GetSpecialFlags(PermissionSet grantSet, PermissionSet deniedSet) { if (((grantSet != null) && grantSet.IsUnrestricted()) && ((deniedSet == null) || deniedSet.IsEmpty())) { return(-1); } SecurityPermission permission = null; SecurityPermissionFlag noFlags = SecurityPermissionFlag.NoFlags; ReflectionPermission permission2 = null; ReflectionPermissionFlag reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] permissionArray = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { noFlags = SecurityPermissionFlag.AllFlags; reflectionPermissionFlags = ReflectionPermissionFlag.RestrictedMemberAccess | ReflectionPermissionFlag.AllFlags; for (int i = 0; i < permissionArray.Length; i++) { permissionArray[i] = s_UnrestrictedSpecialPermissionMap[i]; } } else { permission = grantSet.GetPermission(6) as SecurityPermission; if (permission != null) { noFlags = permission.Flags; } permission2 = grantSet.GetPermission(4) as ReflectionPermission; if (permission2 != null) { reflectionPermissionFlags = permission2.Flags; } for (int j = 0; j < permissionArray.Length; j++) { permissionArray[j] = grantSet.GetPermission(s_BuiltInPermissionIndexMap[j][0]) as CodeAccessPermission; } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { noFlags = SecurityPermissionFlag.NoFlags; reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; for (int k = 0; k < s_BuiltInPermissionIndexMap.Length; k++) { permissionArray[k] = null; } } else { permission = deniedSet.GetPermission(6) as SecurityPermission; if (permission != null) { noFlags &= ~permission.Flags; } permission2 = deniedSet.GetPermission(4) as ReflectionPermission; if (permission2 != null) { reflectionPermissionFlags &= ~permission2.Flags; } for (int m = 0; m < s_BuiltInPermissionIndexMap.Length; m++) { CodeAccessPermission permission3 = deniedSet.GetPermission(s_BuiltInPermissionIndexMap[m][0]) as CodeAccessPermission; if ((permission3 != null) && !permission3.IsSubsetOf(null)) { permissionArray[m] = null; } } } } int num5 = MapToSpecialFlags(noFlags, reflectionPermissionFlags); if (num5 != -1) { for (int n = 0; n < permissionArray.Length; n++) { if ((permissionArray[n] != null) && ((IUnrestrictedPermission)permissionArray[n]).IsUnrestricted()) { num5 |= ((int)1) << s_BuiltInPermissionIndexMap[n][1]; } } } return(num5); }
public bool CheckSetDemandInternal(PermissionSet permSet, bool createException, out Exception exception, bool bNeedAlteredSet, out PermissionSet alteredSet) { alteredSet = null; BCLDebug.Assert(permSet != null, "permSet != null"); // If the compressed stack is not unrestricted and the demand is // then we just throw an exception. if (!this.m_unrestricted && permSet.IsUnrestricted()) { if (createException) { exception = new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } else { exception = GetStaticException(); } return(false); } TokenBasedSet normalAlteredSet = null; TokenBasedSet unrestrictedAlteredSet = null; // Check the "normal" permissions since we always know we have to check them. bool normalContinue = CheckTokenBasedSets(this.m_normalPermSet, permSet.m_normalPermSet, false, PermissionListSetState.None, createException, out exception, bNeedAlteredSet, out normalAlteredSet); if (exception != null) { return(false); } bool unrestrictedContinue = CheckTokenBasedSets(this.m_unrestrictedPermSet, permSet.m_unrestrictedPermSet, m_unrestricted, m_state, createException, out exception, bNeedAlteredSet, out unrestrictedAlteredSet); if (exception != null) { return(false); } if ((m_state & PermissionListSetState.UnrestrictedAssert) != 0) { // If we are unrestricted, we want to terminate the stack walk based // on us having an unrestricted assert. if (bNeedAlteredSet) { unrestrictedAlteredSet = new TokenBasedSet(1, 4); } unrestrictedContinue = false; } if (normalContinue || unrestrictedContinue) { if (!bNeedAlteredSet) { return(true); } // If we need to continue, let's build the altered set. We only // need to do this if 1) our original demand is not unrestricted // and 2) if we have altered token based sets. if (!permSet.IsUnrestricted()) { if (normalAlteredSet != null || unrestrictedAlteredSet != null) { alteredSet = new PermissionSet(false); if (normalAlteredSet != null) { alteredSet.m_normalPermSet = normalAlteredSet; } else { alteredSet.m_normalPermSet = CopyTokenBasedSet(permSet.m_normalPermSet); } if (unrestrictedAlteredSet != null) { alteredSet.m_unrestrictedPermSet = unrestrictedAlteredSet; } else { alteredSet.m_unrestrictedPermSet = CopyTokenBasedSet(permSet.m_unrestrictedPermSet); } if (alteredSet.IsEmpty()) { return(false); } } } return(true); } else { return(false); } }
// Treating the current permission set as a grant set, and the input set as // a set of permissions to be denied, try to cancel out as many permissions // from both sets as possible. For a first cut, any granted permission that // is a safe subset of the corresponding denied permission can result in // that permission being removed from both sides. internal virtual void MergeDeniedSet(PermissionSet denied) { if (denied.IsEmpty()) { return; } m_CheckedForNonCas = false; if (!m_Unrestricted) { if (this.m_unrestrictedPermSet != null) this.m_unrestrictedPermSet.MergeDeniedSet( denied.m_unrestrictedPermSet ); } if (this.m_normalPermSet != null) this.m_normalPermSet.MergeDeniedSet( denied.m_normalPermSet ); }
private static PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission) { if (executionSecurityPermission == null) { executionSecurityPermission = new SecurityPermission(SecurityPermissionFlag.Execution); } PermissionSet other = null; Exception exception = null; PermissionSet set2 = optPset; if (reqdPset == null) { other = set2; } else { other = (set2 == null) ? null : reqdPset.Union(set2); } if ((other != null) && !other.IsUnrestricted()) { other.AddPermission(executionSecurityPermission); } if (evidence == null) { evidence = new Evidence(); } PermissionSet target = polmgr.Resolve(evidence); if (other != null) { target.InplaceIntersect(other); } if (checkExecutionPermission && (!target.Contains(executionSecurityPermission) || ((denyPset != null) && denyPset.Contains(executionSecurityPermission)))) { throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), -2146233320, exception); } if ((reqdPset != null) && !reqdPset.IsSubsetOf(target)) { throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), -2146233321, exception); } if (denyPset != null) { denied = denyPset.Copy(); target.MergeDeniedSet(denied); if (denied.IsEmpty()) { denied = null; } } else { denied = null; } target.IgnoreTypeLoadFailures = true; return target; }
// Given a set of evidence and some permission requests, resolve policy // and compare the result against the given grant & deny sets. Return // whether the two are equivalent. static private bool CheckGrantSets(Evidence evidence, PermissionSet minimal, PermissionSet optional, PermissionSet refused, PermissionSet granted, PermissionSet denied) { PermissionSet newGranted = null; PermissionSet newDenied = null; int isUnrestricted; try { newGranted = ResolvePolicy(evidence, minimal, optional, refused, out newDenied, out isUnrestricted, true); } catch { return(false); } if (granted == null) { if ((newGranted != null) && !newGranted.IsEmpty()) { return(false); } } else { if (newGranted == null) { return(granted.IsEmpty()); } try { if (!granted.IsSubsetOf(newGranted) || !newGranted.IsSubsetOf(granted)) { return(false); } } catch (Exception) { // We catch any exception and just return false. // This has to be done because not all permissions // may support the IsSubsetOf operation. return(false); } } if (denied == null) { if ((newDenied != null) && !newDenied.IsEmpty()) { return(false); } } else { if (newDenied == null) { return(denied.IsEmpty()); } try { if (!denied.IsSubsetOf(newDenied) || !newDenied.IsSubsetOf(denied)) { return(false); } } catch (Exception) { // We catch any exception and just return false. // This has to be done because not all permissions // may support the IsSubsetOf operation. return(false); } } return(true); }
public PermissionSet Resolve(Evidence evidence, PermissionSet request) { #if _DEBUG if (debug) { DEBUG_OUT("PolicyManager::Resolve"); IEnumerator evidenceEnumerator = evidence.GetEnumerator(); DEBUG_OUT("Evidence:"); while (evidenceEnumerator.MoveNext()) { Object obj = evidenceEnumerator.Current; if (obj is Site) { DEBUG_OUT(((Site)obj).ToXml().ToString()); } else if (obj is Zone) { DEBUG_OUT(((Zone)obj).ToXml().ToString()); } else if (obj is Url) { DEBUG_OUT(((Url)obj).ToXml().ToString()); } else if (obj is StrongName) { DEBUG_OUT(((StrongName)obj).ToXml().ToString()); } else if (obj is PermissionRequestEvidence) { DEBUG_OUT(((PermissionRequestEvidence)obj).ToXml().ToString()); } } } #endif // We set grant to null to represent "AllPossible" PermissionSet grant = null; PolicyStatement policy; PolicyLevel currentLevel = null; IEnumerator levelEnumerator = m_levels.GetEnumerator(); char[] serializedEvidence = MakeEvidenceArray(evidence, false); int count = evidence.Count; bool testApplicationLevels = false; while (levelEnumerator.MoveNext()) { currentLevel = (PolicyLevel)levelEnumerator.Current; policy = currentLevel.Resolve(evidence, count, serializedEvidence); // If the grant is "AllPossible", the intersection is just the other permission set. // Otherwise, do an inplace intersection (since we know we can alter the grant set since // it is a copy of the first policy statement's permission set). if (grant == null) { grant = policy.PermissionSet; } else { // An exception somewhere in here means that a permission // failed some operation. This simply means that it will be // dropped from the grant set which is safe operation that // can be ignored. try { grant.InplaceIntersect(policy.GetPermissionSetNoCopy()); } catch (Exception) { } } #if _DEBUG if (debug) { DEBUG_OUT("Level = " + currentLevel.Label); DEBUG_OUT("policy =\n" + policy.ToXml().ToString()); DEBUG_OUT("grant so far =\n" + grant.ToXml().ToString()); } #endif if (grant.IsEmpty()) { break; } else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal) { if (!currentLevel.Label.Equals("AppDomain")) { testApplicationLevels = true; } break; } } if (testApplicationLevels) { PolicyLevel appDomainLevel = null; for (int i = m_levels.Count - 1; i >= 0; --i) { currentLevel = (PolicyLevel)m_levels[i]; if (currentLevel.Label.Equals("AppDomain")) { appDomainLevel = currentLevel; break; } } if (appDomainLevel != null) { policy = appDomainLevel.Resolve(evidence, count, serializedEvidence); grant.InplaceIntersect(policy.GetPermissionSetNoCopy()); } } #if _DEBUG if (debug) { DEBUG_OUT("granted =\n" + grant.ToString()); DEBUG_OUT("request =\n" + (request != null ? request.ToString() : "<null>")); DEBUG_OUT("awarded =\n" + (request != null ? grant.Intersect(request).ToString() : grant.ToString())); } #endif try { if (request != null) { grant.InplaceIntersect(request); } } catch (Exception) { } #if _DEBUG if (debug) { DEBUG_OUT("granted after intersect w/ request =\n" + grant.ToString()); } #endif // Each piece of evidence can possibly create an identity permission that we // need to add to our grant set. Therefore, for all pieces of evidence that // implement the IIdentityPermissionFactory interface, ask it for its // adjoining identity permission and add it to the grant. IEnumerator enumerator = evidence.GetHostEnumerator(); while (enumerator.MoveNext()) { try { Object obj = enumerator.Current; IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory; if (factory != null) { IPermission perm = factory.CreateIdentityPermission(evidence); if (perm != null) { grant.AddPermission(perm); } } } catch (Exception) { } } #if _DEBUG if (debug) { DEBUG_OUT("awarded with identity =\n" + grant.ToString()); } #endif return(grant); }
private PermissionSet GetCasOnlySet() { if (!this.m_ContainsNonCas) { return this; } if (this.IsUnrestricted()) { return this; } PermissionSet set = new PermissionSet(false); PermissionSetEnumeratorInternal internal2 = new PermissionSetEnumeratorInternal(this); while (internal2.MoveNext()) { IPermission current = (IPermission) internal2.Current; if (current is CodeAccessPermission) { set.AddPermission(current); } } set.m_CheckedForNonCas = true; set.m_ContainsCas = !set.IsEmpty(); set.m_ContainsNonCas = false; return set; }
static private PermissionSet ResolvePolicy(Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied, bool checkExecutionPermission) { PermissionSet requested; PermissionSet optional; PermissionSet allowed; Exception savedException = null; // We don't want to recurse back into here as a result of a // stackwalk during resolution. So simply assert full trust (this // implies that custom permissions cannot use any permissions that // don't implement IUnrestrictedPermission. // PermissionSet.s_fullTrust.Assert(); // The requested set is the union of the minimal request and the // optional request. Minimal request defaults to empty, optional // is "AllPossible" (includes any permission that can be defined) // which is symbolized by null. optional = optPset; if (reqdPset == null) { requested = optional; } else { // If optional is null, the requested set becomes null/"AllPossible". requested = optional == null ? null : reqdPset.Union(optional); } // Make sure that the right to execute is requested (if this feature is // enabled). if (requested != null && !requested.IsUnrestricted() && CheckExecution()) { requested.AddPermission(executionSecurityPermission); } if (InitPolicy()) { // If we aren't passed any evidence, just make an empty object // If we are passed evidence, copy it before passing it // to the policy manager. // Note: this is not a deep copy, the pieces of evidence within the // Evidence object can still be altered and affect the originals. if (evidence == null) { evidence = new Evidence(); } else { evidence = evidence.ShallowCopy(); } evidence.AddHost(new PermissionRequestEvidence(reqdPset, optPset, denyPset)); // We need to make sure that no stray exceptions come out of Resolve so // we wrap it in a try block. try { allowed = polmgr.Resolve(evidence, requested); } catch (Exception e) { #if _DEBUG if (debug) { DEBUG_OUT("Exception during resolve"); DEBUG_OUT(e.GetType().FullName); DEBUG_OUT(e.Message); DEBUG_OUT(e.StackTrace); } #endif // If we get a policy exception, we are done are we are going to fail to // load no matter what. if (e is PolicyException) { throw e; } // If we get any other kid of exception, we set the allowed set to the // empty set and continue processing as normal. This allows assemblies // that make no request to be loaded but blocks any assembly that // makes a request from being loaded. This seems like a valid design to // me -- gregfee 6/19/2000 savedException = e; allowed = new PermissionSet(); } } else { denied = null; return(null); } #if _DEBUG if (debug) { DEBUG_OUT("ResolvePolicy:"); IEnumerator enumerator = evidence.GetEnumerator(); DEBUG_OUT("Evidence:"); while (enumerator.MoveNext()) { Object obj = enumerator.Current; if (obj is Site) { DEBUG_OUT(((Site)obj).ToXml().ToString()); } else if (obj is Zone) { DEBUG_OUT(((Zone)obj).ToXml().ToString()); } else if (obj is Url) { DEBUG_OUT(((Url)obj).ToXml().ToString()); } else if (obj is Publisher) { DEBUG_OUT(((Publisher)obj).ToXml().ToString()); } else if (obj is StrongName) { DEBUG_OUT(((StrongName)obj).ToXml().ToString()); } else if (obj is PermissionRequestEvidence) { DEBUG_OUT(((PermissionRequestEvidence)obj).ToXml().ToString()); } } DEBUG_OUT("Required permissions:"); DEBUG_OUT(reqdPset != null ? reqdPset.ToString() : "<null>"); DEBUG_OUT("Optional permissions:"); DEBUG_OUT(optPset != null ? optPset.ToString() : "<null>"); DEBUG_OUT("Denied permissions:"); DEBUG_OUT(denyPset != null ? denyPset.ToString() : "<null>"); DEBUG_OUT("Requested permissions:"); DEBUG_OUT(requested != null ? requested.ToString() : "<null>"); DEBUG_OUT("Granted permissions:"); DEBUG_OUT(allowed != null ? allowed.ToString() : "<null>"); } #endif // Check that we were granted the right to execute. if (!allowed.IsUnrestricted() && checkExecutionPermission && CheckExecution()) { SecurityPermission secPerm = (SecurityPermission)allowed.GetPermission(securityPermissionType); if (secPerm == null || !executionSecurityPermission.IsSubsetOf(secPerm)) { #if _DEBUG DEBUG_OUT("No execute permission"); #endif throw new PolicyException(Environment.GetResourceString("Policy_NoExecutionPermission"), System.__HResults.CORSEC_E_NO_EXEC_PERM, savedException); } } // Check that we were granted at least the minimal set we asked for. Do // this before pruning away any overlap with the refused set so that // users have the flexability of defining minimal permissions that are // only expressable as set differences (e.g. allow access to "C:\" but // disallow "C:\Windows"). if (reqdPset != null && !reqdPset.IsSubsetOf(allowed)) { #if _DEBUG DEBUG_OUT("Didn't get required permissions"); #endif throw new PolicyException(Environment.GetResourceString("Policy_NoRequiredPermission"), System.__HResults.CORSEC_E_MIN_GRANT_FAIL, savedException); } // Remove any granted permissions that are safe subsets of some denied // permission. The remaining denied permissions (if any) are returned // along with the modified grant set for use in checks. if (denyPset != null) { denied = denyPset.Copy(); allowed.MergeDeniedSet(denied); if (denied.IsEmpty()) { denied = null; } } else { denied = null; } #if _DEBUG if (debug) { DEBUG_OUT("Final denied permissions:"); DEBUG_OUT(denied != null ? denied.ToString() : "<null>"); } #endif return(allowed); }
public void IsEmpty_Unrestricted () { PermissionSet ps = new PermissionSet (PermissionState.Unrestricted); Assert.IsTrue (!ps.IsEmpty (), "Unrestricted.IsEmpty"); ps.AddPermission (new ZoneIdentityPermission (SecurityZone.NoZone)); #if NET_2_0 // Identity permissions aren't added to unrestricted permission sets in 2.0 Assert.AreEqual (0, ps.Count, "Count==0"); #else Assert.AreEqual (1, ps.Count, "Count==1"); #endif Assert.IsTrue (!ps.IsEmpty ()); // yes empty!, "Zip.IsEmpty"); }
internal static int GetSpecialFlags (PermissionSet grantSet, PermissionSet deniedSet) { if ((grantSet != null && grantSet.IsUnrestricted()) && (deniedSet == null || deniedSet.IsEmpty())) { return -1; } else { SecurityPermission securityPermission = null; #pragma warning disable 618 SecurityPermissionFlag securityPermissionFlags = SecurityPermissionFlag.NoFlags; #pragma warning restore 618 ReflectionPermission reflectionPermission = null; ReflectionPermissionFlag reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] specialPermissions = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { securityPermissionFlags = SecurityPermissionFlag.AllFlags; reflectionPermissionFlags = ReflectionPermission.AllFlagsAndMore; for (int i = 0; i < specialPermissions.Length; i++) { specialPermissions[i] = s_UnrestrictedSpecialPermissionMap[i]; } } else { securityPermission = grantSet.GetPermission(BuiltInPermissionIndex.SecurityPermissionIndex) as SecurityPermission; if (securityPermission != null) securityPermissionFlags = securityPermission.Flags; reflectionPermission = grantSet.GetPermission(BuiltInPermissionIndex.ReflectionPermissionIndex) as ReflectionPermission; if (reflectionPermission != null) reflectionPermissionFlags = reflectionPermission.Flags; for (int i = 0; i < specialPermissions.Length; i++) { specialPermissions[i] = grantSet.GetPermission(s_BuiltInPermissionIndexMap[i][0]) as CodeAccessPermission; } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { securityPermissionFlags = SecurityPermissionFlag.NoFlags; reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; for (int i = 0; i < s_BuiltInPermissionIndexMap.Length; i++) { specialPermissions[i] = null; } } else { securityPermission = deniedSet.GetPermission(BuiltInPermissionIndex.SecurityPermissionIndex) as SecurityPermission; if (securityPermission != null) securityPermissionFlags &= ~securityPermission.Flags; reflectionPermission = deniedSet.GetPermission(BuiltInPermissionIndex.ReflectionPermissionIndex) as ReflectionPermission; if (reflectionPermission != null) reflectionPermissionFlags &= ~reflectionPermission.Flags; for (int i = 0; i < s_BuiltInPermissionIndexMap.Length; i++) { CodeAccessPermission deniedSpecialPermission = deniedSet.GetPermission(s_BuiltInPermissionIndexMap[i][0]) as CodeAccessPermission; if (deniedSpecialPermission != null && !deniedSpecialPermission.IsSubsetOf(null)) specialPermissions[i] = null; // we don't care about the exact value here. } } } int flags = MapToSpecialFlags(securityPermissionFlags, reflectionPermissionFlags); if (flags != -1) { for (int i = 0; i < specialPermissions.Length; i++) { if (specialPermissions[i] != null && ((IUnrestrictedPermission) specialPermissions[i]).IsUnrestricted()) flags |= (1 << (int) s_BuiltInPermissionIndexMap[i][1]); } } return flags; } }
internal static IPermission CheckPermissionSet (AppDomain ad, PermissionSet ps) { if ((ps == null) || ps.IsEmpty ()) return null; PermissionSet granted = ad.GrantedPermissionSet; if (granted == null) return null; if (granted.IsUnrestricted ()) return null; if (ps.IsUnrestricted ()) return new SecurityPermission (SecurityPermissionFlag.NoFlags); foreach (IPermission p in ps) { if (p is CodeAccessPermission) { CodeAccessPermission grant = (CodeAccessPermission) granted.GetPermission (p.GetType ()); if (grant == null) { if (!granted.IsUnrestricted () || !(p is IUnrestrictedPermission)) { if (!p.IsSubsetOf (null)) return p; } } else if (!p.IsSubsetOf (grant)) { return p; } } else { // but non-CAS will throw on failure... try { p.Demand (); } catch (SecurityException) { // ... so we catch return p; } } } return null; }
internal bool CheckSetDemand2(PermissionSet demandSet, out PermissionSet alteredDemandSet, RuntimeMethodHandleInternal rmh, bool fDeclarative) { alteredDemandSet = null; if ((demandSet == null) || demandSet.IsEmpty()) { return(false); } if (this.GetPermitOnly(fDeclarative) != null) { this.GetPermitOnly(fDeclarative).CheckDecoded(demandSet); } if (this.GetDenials(fDeclarative) != null) { this.GetDenials(fDeclarative).CheckDecoded(demandSet); } if (this.GetAssertions(fDeclarative) != null) { this.GetAssertions(fDeclarative).CheckDecoded(demandSet); } bool flag = SecurityManager._SetThreadSecurity(false); try { PermissionSet permitOnly = this.GetPermitOnly(fDeclarative); if (permitOnly != null) { IPermission firstPermThatFailed = null; bool flag2 = true; try { flag2 = !demandSet.CheckPermitOnly(permitOnly, out firstPermThatFailed); } catch (ArgumentException) { } if (flag2) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), null, permitOnly, SecurityRuntime.GetMethodInfo(rmh), demandSet, firstPermThatFailed); } } permitOnly = this.GetDenials(fDeclarative); if (permitOnly != null) { IPermission permission2 = null; bool flag3 = true; try { flag3 = !demandSet.CheckDeny(permitOnly, out permission2); } catch (ArgumentException) { } if (flag3) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), permitOnly, null, SecurityRuntime.GetMethodInfo(rmh), demandSet, permission2); } } if (this.GetAssertAllPossible()) { return(false); } permitOnly = this.GetAssertions(fDeclarative); if (permitOnly != null) { if (demandSet.CheckAssertion(permitOnly)) { return(false); } if (!permitOnly.IsUnrestricted()) { PermissionSet.RemoveAssertedPermissionSet(demandSet, permitOnly, out alteredDemandSet); } } } finally { if (flag) { SecurityManager._SetThreadSecurity(true); } } return(true); }
// Token: 0x06001E28 RID: 7720 RVA: 0x0006948C File Offset: 0x0006768C internal static int GetSpecialFlags(PermissionSet grantSet, PermissionSet deniedSet) { if (grantSet != null && grantSet.IsUnrestricted() && (deniedSet == null || deniedSet.IsEmpty())) { return(-1); } SecurityPermissionFlag securityPermissionFlag = SecurityPermissionFlag.NoFlags; ReflectionPermissionFlag reflectionPermissionFlag = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] array = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { securityPermissionFlag = SecurityPermissionFlag.AllFlags; reflectionPermissionFlag = (ReflectionPermissionFlag.TypeInformation | ReflectionPermissionFlag.MemberAccess | ReflectionPermissionFlag.ReflectionEmit | ReflectionPermissionFlag.RestrictedMemberAccess); for (int i = 0; i < array.Length; i++) { array[i] = SecurityManager.s_UnrestrictedSpecialPermissionMap[i]; } } else { SecurityPermission securityPermission = grantSet.GetPermission(6) as SecurityPermission; if (securityPermission != null) { securityPermissionFlag = securityPermission.Flags; } ReflectionPermission reflectionPermission = grantSet.GetPermission(4) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlag = reflectionPermission.Flags; } for (int j = 0; j < array.Length; j++) { array[j] = (grantSet.GetPermission(SecurityManager.s_BuiltInPermissionIndexMap[j][0]) as CodeAccessPermission); } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { securityPermissionFlag = SecurityPermissionFlag.NoFlags; reflectionPermissionFlag = ReflectionPermissionFlag.NoFlags; for (int k = 0; k < SecurityManager.s_BuiltInPermissionIndexMap.Length; k++) { array[k] = null; } } else { SecurityPermission securityPermission = deniedSet.GetPermission(6) as SecurityPermission; if (securityPermission != null) { securityPermissionFlag &= ~securityPermission.Flags; } ReflectionPermission reflectionPermission = deniedSet.GetPermission(4) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlag &= ~reflectionPermission.Flags; } for (int l = 0; l < SecurityManager.s_BuiltInPermissionIndexMap.Length; l++) { CodeAccessPermission codeAccessPermission = deniedSet.GetPermission(SecurityManager.s_BuiltInPermissionIndexMap[l][0]) as CodeAccessPermission; if (codeAccessPermission != null && !codeAccessPermission.IsSubsetOf(null)) { array[l] = null; } } } } int num = SecurityManager.MapToSpecialFlags(securityPermissionFlag, reflectionPermissionFlag); if (num != -1) { for (int m = 0; m < array.Length; m++) { if (array[m] != null && ((IUnrestrictedPermission)array[m]).IsUnrestricted()) { num |= 1 << SecurityManager.s_BuiltInPermissionIndexMap[m][1]; } } } return(num); }
[System.Security.SecurityCritical] // auto-generated internal bool CheckSetDemand2(PermissionSet demandSet, out PermissionSet alteredDemandSet, RuntimeMethodHandleInternal rmh, bool fDeclarative) { PermissionSet permSet; // In the common case we are not going to alter the demand set, so just to // be safe we'll set it to null up front. alteredDemandSet = null; // There's some oddness in here to deal with exceptions. The general idea behind // this is that we need some way of dealing with custom permissions that may not // handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly // (they don't support it, throw null reference exceptions, etc.). // An empty demand always succeeds. if (demandSet == null || demandSet.IsEmpty()) return SecurityRuntime.StackHalt; if (GetPermitOnly(fDeclarative) != null) GetPermitOnly(fDeclarative).CheckDecoded( demandSet ); if (GetDenials(fDeclarative) != null) GetDenials(fDeclarative).CheckDecoded( demandSet ); if (GetAssertions(fDeclarative) != null) GetAssertions(fDeclarative).CheckDecoded( demandSet ); bool bThreadSecurity = SecurityManager._SetThreadSecurity(false); try { // In the case of permit only, we define an exception to be failure of the check // and therefore we throw a security exception. permSet = GetPermitOnly(fDeclarative); if (permSet != null) { IPermission permFailed = null; bool bNeedToThrow = true; try { bNeedToThrow = !demandSet.CheckPermitOnly(permSet, out permFailed); } catch (ArgumentException) { } if (bNeedToThrow) throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed); } // In the case of denial, we define an exception to be failure of the check // and therefore we throw a security exception. permSet = GetDenials(fDeclarative); if (permSet != null) { IPermission permFailed = null; bool bNeedToThrow = true; try { bNeedToThrow = !demandSet.CheckDeny(permSet, out permFailed); } catch (ArgumentException) { } if (bNeedToThrow) throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed); } // The assert case is more complex. Since asserts have the ability to "bleed through" // (where part of a demand is handled by an assertion, but the rest is passed on to // continue the stackwalk), we need to be more careful in handling the "failure" case. // Therefore, if an exception is thrown in performing any operation, we make sure to keep // that permission in the demand set thereby continuing the demand for that permission // walking down the stack. if (GetAssertAllPossible()) { return SecurityRuntime.StackHalt; } permSet = GetAssertions(fDeclarative); if (permSet != null) { // If this frame asserts a superset of the demand set we're done if (demandSet.CheckAssertion( permSet )) return SecurityRuntime.StackHalt; // Determine whether any of the demand set asserted. We do this by // copying the demand set and removing anything in it that is asserted. if (!permSet.IsUnrestricted()) { PermissionSet.RemoveAssertedPermissionSet(demandSet, permSet, out alteredDemandSet); } } } finally { if (bThreadSecurity) SecurityManager._SetThreadSecurity(true); } return SecurityRuntime.StackContinue; }
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc, PermissionSet demandSet, out PermissionSet alteredDemandSet) { PermissionSet permSet; // In the common case we are not going to alter the demand set, so just to // be safe we'll set it to null up front. // There's some oddness in here to deal with exceptions. The general idea behind // this is that we need some way of dealing with custom permissions that may not // handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly // (they don't support it, throw null reference exceptions, etc.). alteredDemandSet = null; // An empty demand always succeeds. if (demandSet == null || demandSet.IsEmpty()) return StackHalt; // In the case of permit only, we define an exception to be failure of the check // and therefore we throw a security exception. try { permSet = secDesc.GetPermitOnly(); if (permSet != null) { if (!demandSet.IsSubsetOf(permSet)) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } } } catch (Exception) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } // In the case of denial, we define an exception to be failure of the check // and therefore we throw a security exception. try { permSet = secDesc.GetDenials(); #if _DEBUG if (debug) { DEBUG_OUT("Checking Denials"); DEBUG_OUT("denials set =\n" + permSet.ToXml().ToString() ); DEBUG_OUT("demandSet =\n" + demandSet.ToXml().ToString() ); } #endif if (permSet != null) { PermissionSet intersection = demandSet.Intersect(permSet); if (intersection != null && !intersection.IsEmpty()) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } } } catch (Exception) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } // The assert case is more complex. Since asserts have the ability to "bleed through" // (where part of a demand is handled by an assertion, but the rest is passed on to // continue the stackwalk), we need to be more careful in handling the "failure" case. // Therefore, if an exception is thrown in performing any operation, we make sure to keep // that permission in the demand set thereby continuing the demand for that permission // walking down the stack. if (secDesc.GetAssertAllPossible()) { return StackHalt; } permSet = secDesc.GetAssertions(); if (permSet != null) { // If this frame asserts a superset of the demand set we're done try { if (demandSet.IsSubsetOf( permSet )) return StackHalt; } catch (Exception) { } // Determine whether any of the demand set asserted. We do this by // copying the demand set and removing anything in it that is asserted. if (!permSet.IsUnrestricted()) { PermissionSetEnumerator enumerator = (PermissionSetEnumerator)demandSet.GetEnumerator(); while (enumerator.MoveNext()) { IPermission perm = (IPermission)enumerator.Current; int i = enumerator.GetCurrentIndex(); if (perm != null) { bool unrestricted = perm is System.Security.Permissions.IUnrestrictedPermission; IPermission assertPerm = (IPermission)permSet.GetPermission(i, unrestricted); bool removeFromAlteredDemand = false; try { removeFromAlteredDemand = perm.IsSubsetOf(assertPerm); } catch (Exception) { } if (removeFromAlteredDemand) { if (alteredDemandSet == null) alteredDemandSet = demandSet.Copy(); alteredDemandSet.RemovePermission(i, unrestricted); } } } } } return StackContinue; }
public bool CheckSetDemandInternal(PermissionSet permSet, out Exception exception, bool bNeedAlteredSet, out PermissionSet alteredSet) { alteredSet = null; BCLDebug.Assert(permSet != null, "permSet != null"); // If the compressed stack is not unrestricted and the demand is // then we just throw an exception. if (!this.m_unrestricted && permSet.IsUnrestricted()) { exception = new SecurityException(Environment.GetResourceString("Security_GenericNoType") ); return false; } TokenBasedSet normalAlteredSet = null; TokenBasedSet unrestrictedAlteredSet = null; // Check the "normal" permissions since we always know we have to check them. bool normalContinue = CheckTokenBasedSets( this.m_normalPermSet, permSet.m_normalPermSet, false, PermissionListSetState.None, out exception, bNeedAlteredSet, out normalAlteredSet ); if (exception != null) { return false; } bool unrestrictedContinue = CheckTokenBasedSets( this.m_unrestrictedPermSet, permSet.m_unrestrictedPermSet, m_unrestricted, m_state, out exception, bNeedAlteredSet, out unrestrictedAlteredSet ); if (exception != null) { return false; } if ((m_state & PermissionListSetState.UnrestrictedAssert) != 0) { // If we are unrestricted, we want to terminate the stack walk based // on us having an unrestricted assert. if (bNeedAlteredSet) unrestrictedAlteredSet = new TokenBasedSet( 1, 4 ); unrestrictedContinue = false; } if (normalContinue || unrestrictedContinue) { if (!bNeedAlteredSet) return true; // If we need to continue, let's build the altered set. We only // need to do this if 1) our original demand is not unrestricted // and 2) if we have altered token based sets. if (!permSet.IsUnrestricted()) { if (normalAlteredSet != null || unrestrictedAlteredSet != null) { alteredSet = new PermissionSet( false ); if (normalAlteredSet != null) alteredSet.m_normalPermSet = normalAlteredSet; else alteredSet.m_normalPermSet = CopyTokenBasedSet( permSet.m_normalPermSet ); if (unrestrictedAlteredSet != null) alteredSet.m_unrestrictedPermSet = unrestrictedAlteredSet; else alteredSet.m_unrestrictedPermSet = CopyTokenBasedSet( permSet.m_unrestrictedPermSet ); if (alteredSet.IsEmpty()) return false; } } return true; } else { return false; } }
// Returns a permission set containing only CAS-permissions. If possible // this is just the input set, otherwise a new set is allocated. private PermissionSet GetCasOnlySet() { if (!m_ContainsNonCas) return this; if (IsUnrestricted()) return this; PermissionSet pset = new PermissionSet(false); PermissionSetEnumeratorInternal enumerator = new PermissionSetEnumeratorInternal(this); while (enumerator.MoveNext()) { IPermission perm = (IPermission)enumerator.Current; if (perm is CodeAccessPermission) pset.AddPermission(perm); } pset.m_CheckedForNonCas = true; pset.m_ContainsCas = !pset.IsEmpty(); pset.m_ContainsNonCas = false; return pset; }
internal static int GetSpecialFlags(PermissionSet grantSet, PermissionSet deniedSet) { if ((grantSet != null && grantSet.IsUnrestricted()) && (deniedSet == null || deniedSet.IsEmpty())) { return(-1); } else { SecurityPermission securityPermission = null; #pragma warning disable 618 SecurityPermissionFlag securityPermissionFlags = SecurityPermissionFlag.NoFlags; #pragma warning restore 618 ReflectionPermission reflectionPermission = null; ReflectionPermissionFlag reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] specialPermissions = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { #pragma warning disable 618 securityPermissionFlags = SecurityPermissionFlag.AllFlags; #pragma warning restore 618 reflectionPermissionFlags = ReflectionPermission.AllFlagsAndMore; for (int i = 0; i < specialPermissions.Length; i++) { specialPermissions[i] = s_UnrestrictedSpecialPermissionMap[i]; } } else { securityPermission = grantSet.GetPermission(BuiltInPermissionIndex.SecurityPermissionIndex) as SecurityPermission; if (securityPermission != null) { securityPermissionFlags = securityPermission.Flags; } reflectionPermission = grantSet.GetPermission(BuiltInPermissionIndex.ReflectionPermissionIndex) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlags = reflectionPermission.Flags; } for (int i = 0; i < specialPermissions.Length; i++) { specialPermissions[i] = grantSet.GetPermission(s_BuiltInPermissionIndexMap[i][0]) as CodeAccessPermission; } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { #pragma warning disable 618 securityPermissionFlags = SecurityPermissionFlag.NoFlags; #pragma warning restore 618 reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; for (int i = 0; i < s_BuiltInPermissionIndexMap.Length; i++) { specialPermissions[i] = null; } } else { securityPermission = deniedSet.GetPermission(BuiltInPermissionIndex.SecurityPermissionIndex) as SecurityPermission; if (securityPermission != null) { securityPermissionFlags &= ~securityPermission.Flags; } reflectionPermission = deniedSet.GetPermission(BuiltInPermissionIndex.ReflectionPermissionIndex) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlags &= ~reflectionPermission.Flags; } for (int i = 0; i < s_BuiltInPermissionIndexMap.Length; i++) { CodeAccessPermission deniedSpecialPermission = deniedSet.GetPermission(s_BuiltInPermissionIndexMap[i][0]) as CodeAccessPermission; if (deniedSpecialPermission != null && !deniedSpecialPermission.IsSubsetOf(null)) { specialPermissions[i] = null; // we don't care about the exact value here. } } } } int flags = MapToSpecialFlags(securityPermissionFlags, reflectionPermissionFlags); if (flags != -1) { for (int i = 0; i < specialPermissions.Length; i++) { if (specialPermissions[i] != null && ((IUnrestrictedPermission)specialPermissions[i]).IsUnrestricted()) { flags |= (1 << (int)s_BuiltInPermissionIndexMap[i][1]); } } } return(flags); } }
public bool IsSubsetOf (PermissionSet target) { // if target is empty we must be empty too if ((target == null) || (target.IsEmpty ())) return this.IsEmpty (); // all permissions support unrestricted in 2.0 if (target.IsUnrestricted ()) return true; if (this.IsUnrestricted ()) return false; if (this.IsUnrestricted () && ((target == null) || !target.IsUnrestricted ())) return false; // if each of our permission is (a) present and (b) a subset of target foreach (IPermission p in list) { // non CAS permissions must be evaluated for unrestricted Type t = p.GetType (); IPermission i = null; if (target.IsUnrestricted () && (p is CodeAccessPermission) && (p is IUnrestrictedPermission)) { i = (IPermission) Activator.CreateInstance (t, psUnrestricted); } else { i = target.GetPermission (t); } if (!p.IsSubsetOf (i)) return false; // not a subset (condition b) } return true; }
public void AddPermission_NonCasPermissionUnrestricted () { PermissionSet ps = new PermissionSet (PermissionState.None); ps.AddPermission (new PrincipalPermission (PermissionState.Unrestricted)); Assert.AreEqual (1, ps.Count, "Count"); Assert.IsTrue (!ps.IsEmpty (), "IsEmpty"); }
public PermissionSet Intersect (PermissionSet other) { // no intersection possible if ((other == null) || (other.IsEmpty ()) || (this.IsEmpty ())) return null; PermissionState state = PermissionState.None; if (this.IsUnrestricted () && other.IsUnrestricted ()) state = PermissionState.Unrestricted; PermissionSet interSet = null; // much simpler with 2.0 if (state == PermissionState.Unrestricted) { interSet = new PermissionSet (state); } else if (this.IsUnrestricted ()) { interSet = other.Copy (); } else if (other.IsUnrestricted ()) { interSet = this.Copy (); } else { interSet = new PermissionSet (state); InternalIntersect (interSet, this, other, false); } return interSet; }
internal static IPermission CheckPermissionSet(AppDomain ad, PermissionSet ps) { if ((ps == null) || ps.IsEmpty()) { return(null); } PermissionSet granted = ad.GrantedPermissionSet; if (granted == null) { return(null); } #if NET_2_0 if (granted.IsUnrestricted()) { return(null); } #else if ((granted.Count == 0) && granted.IsUnrestricted()) { return(null); } #endif if (ps.IsUnrestricted()) { return(new SecurityPermission(SecurityPermissionFlag.NoFlags)); } foreach (IPermission p in ps) { if (p is CodeAccessPermission) { CodeAccessPermission grant = (CodeAccessPermission)granted.GetPermission(p.GetType()); if (grant == null) { if (!granted.IsUnrestricted() || !(p is IUnrestrictedPermission)) { if (!p.IsSubsetOf(null)) { return(p); } } } else if (!p.IsSubsetOf(grant)) { return(p); } } else { // but non-CAS will throw on failure... try { p.Demand(); } catch (SecurityException) { // ... so we catch return(p); } } } return(null); }
private static void CheckSetHelper(PermissionSet grants, PermissionSet denied, PermissionSet demands) { #if _DEBUG if (debug) { DEBUG_OUT("Granted: "); DEBUG_OUT(grants.ToXml().ToString()); DEBUG_OUT("Denied: "); DEBUG_OUT(denied!=null ? denied.ToXml().ToString() : "<null>"); DEBUG_OUT("Demanded: "); DEBUG_OUT(demands!=null ? demands.ToXml().ToString() : "<null>"); } #endif if (demands == null || demands.IsEmpty()) return; // demanding the empty set always passes. if (grants == null) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } if (!grants.IsUnrestricted() || (denied != null)) { if (demands.IsUnrestricted()) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType")); } CheckTokenBasedSetHelper( grants.IsUnrestricted(), grants.m_unrestrictedPermSet, denied != null ? denied.m_unrestrictedPermSet : null, demands.m_unrestrictedPermSet ); } CheckTokenBasedSetHelper( false, grants.m_normalPermSet, denied != null ? denied.m_normalPermSet : null, demands.m_normalPermSet ); }
public void IsEmpty_None () { PermissionSet ps = new PermissionSet (PermissionState.None); Assert.IsTrue (ps.IsEmpty (), "Empty.IsEmpty"); ps.AddPermission (new ZoneIdentityPermission (SecurityZone.NoZone)); Assert.AreEqual (1, ps.Count, "Count==1"); Assert.IsTrue (ps.IsEmpty ()); // yes empty!, "Zip.IsEmpty"); }
internal static int GetSpecialFlags(PermissionSet grantSet, PermissionSet deniedSet) { if (((grantSet != null) && grantSet.IsUnrestricted()) && ((deniedSet == null) || deniedSet.IsEmpty())) { return -1; } SecurityPermission permission = null; SecurityPermissionFlag noFlags = SecurityPermissionFlag.NoFlags; ReflectionPermission permission2 = null; ReflectionPermissionFlag reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] permissionArray = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { noFlags = SecurityPermissionFlag.AllFlags; reflectionPermissionFlags = ReflectionPermissionFlag.RestrictedMemberAccess | ReflectionPermissionFlag.AllFlags; for (int i = 0; i < permissionArray.Length; i++) { permissionArray[i] = s_UnrestrictedSpecialPermissionMap[i]; } } else { permission = grantSet.GetPermission(6) as SecurityPermission; if (permission != null) { noFlags = permission.Flags; } permission2 = grantSet.GetPermission(4) as ReflectionPermission; if (permission2 != null) { reflectionPermissionFlags = permission2.Flags; } for (int j = 0; j < permissionArray.Length; j++) { permissionArray[j] = grantSet.GetPermission(s_BuiltInPermissionIndexMap[j][0]) as CodeAccessPermission; } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { noFlags = SecurityPermissionFlag.NoFlags; reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; for (int k = 0; k < s_BuiltInPermissionIndexMap.Length; k++) { permissionArray[k] = null; } } else { permission = deniedSet.GetPermission(6) as SecurityPermission; if (permission != null) { noFlags &= ~permission.Flags; } permission2 = deniedSet.GetPermission(4) as ReflectionPermission; if (permission2 != null) { reflectionPermissionFlags &= ~permission2.Flags; } for (int m = 0; m < s_BuiltInPermissionIndexMap.Length; m++) { CodeAccessPermission permission3 = deniedSet.GetPermission(s_BuiltInPermissionIndexMap[m][0]) as CodeAccessPermission; if ((permission3 != null) && !permission3.IsSubsetOf(null)) { permissionArray[m] = null; } } } } int num5 = MapToSpecialFlags(noFlags, reflectionPermissionFlags); if (num5 != -1) { for (int n = 0; n < permissionArray.Length; n++) { if ((permissionArray[n] != null) && ((IUnrestrictedPermission) permissionArray[n]).IsUnrestricted()) { num5 |= ((int) 1) << s_BuiltInPermissionIndexMap[n][1]; } } } return num5; }
internal static IPermission CheckPermissionSet (Assembly a, PermissionSet ps, bool noncas) { if (ps.IsEmpty ()) return null; foreach (IPermission p in ps) { // note: this may contains non CAS permissions if ((!noncas) && (p is CodeAccessPermission)) { if (!IsGranted (a, p)) return p; } else { // but non-CAS will throw on failure... try { p.Demand (); } catch (SecurityException) { // ... so we catch return p; } } } return null; }
public bool IsSubsetOf (PermissionSet target) { // if target is empty we must be empty too if ((target == null) || (target.IsEmpty ())) return this.IsEmpty (); // all permissions support unrestricted in 2.0 if (target.IsUnrestricted ()) return true; if (this.IsUnrestricted ()) return false;
[System.Security.SecurityCritical] // auto-generated internal bool CheckSetDemand2(PermissionSet demandSet, out PermissionSet alteredDemandSet, RuntimeMethodHandleInternal rmh, bool fDeclarative) { PermissionSet permSet; // In the common case we are not going to alter the demand set, so just to // be safe we'll set it to null up front. alteredDemandSet = null; // There's some oddness in here to deal with exceptions. The general idea behind // this is that we need some way of dealing with custom permissions that may not // handle all possible scenarios of Union(), Intersect(), and IsSubsetOf() properly // (they don't support it, throw null reference exceptions, etc.). // An empty demand always succeeds. if (demandSet == null || demandSet.IsEmpty()) { return(SecurityRuntime.StackHalt); } if (GetPermitOnly(fDeclarative) != null) { GetPermitOnly(fDeclarative).CheckDecoded(demandSet); } if (GetDenials(fDeclarative) != null) { GetDenials(fDeclarative).CheckDecoded(demandSet); } if (GetAssertions(fDeclarative) != null) { GetAssertions(fDeclarative).CheckDecoded(demandSet); } bool bThreadSecurity = SecurityManager._SetThreadSecurity(false); try { // In the case of permit only, we define an exception to be failure of the check // and therefore we throw a security exception. permSet = GetPermitOnly(fDeclarative); if (permSet != null) { IPermission permFailed = null; bool bNeedToThrow = true; try { bNeedToThrow = !demandSet.CheckPermitOnly(permSet, out permFailed); } catch (ArgumentException) { } if (bNeedToThrow) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), null, permSet, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed); } } // In the case of denial, we define an exception to be failure of the check // and therefore we throw a security exception. permSet = GetDenials(fDeclarative); if (permSet != null) { IPermission permFailed = null; bool bNeedToThrow = true; try { bNeedToThrow = !demandSet.CheckDeny(permSet, out permFailed); } catch (ArgumentException) { } if (bNeedToThrow) { throw new SecurityException(Environment.GetResourceString("Security_GenericNoType"), permSet, null, SecurityRuntime.GetMethodInfo(rmh), demandSet, permFailed); } } // The assert case is more complex. Since asserts have the ability to "bleed through" // (where part of a demand is handled by an assertion, but the rest is passed on to // continue the stackwalk), we need to be more careful in handling the "failure" case. // Therefore, if an exception is thrown in performing any operation, we make sure to keep // that permission in the demand set thereby continuing the demand for that permission // walking down the stack. if (GetAssertAllPossible()) { return(SecurityRuntime.StackHalt); } permSet = GetAssertions(fDeclarative); if (permSet != null) { // If this frame asserts a superset of the demand set we're done if (demandSet.CheckAssertion(permSet)) { return(SecurityRuntime.StackHalt); } // Determine whether any of the demand set asserted. We do this by // copying the demand set and removing anything in it that is asserted. if (!permSet.IsUnrestricted()) { PermissionSet.RemoveAssertedPermissionSet(demandSet, permSet, out alteredDemandSet); } } } finally { if (bThreadSecurity) { SecurityManager._SetThreadSecurity(true); } } return(SecurityRuntime.StackContinue); }
internal static int GetSpecialFlags(PermissionSet grantSet, PermissionSet deniedSet) { if (grantSet != null && grantSet.IsUnrestricted() && (deniedSet == null || deniedSet.IsEmpty())) { return(-1); } SecurityPermissionFlag securityPermissionFlags = SecurityPermissionFlag.NoFlags; ReflectionPermissionFlag reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; CodeAccessPermission[] accessPermissionArray = new CodeAccessPermission[6]; if (grantSet != null) { if (grantSet.IsUnrestricted()) { securityPermissionFlags = SecurityPermissionFlag.AllFlags; reflectionPermissionFlags = ReflectionPermissionFlag.AllFlags | ReflectionPermissionFlag.RestrictedMemberAccess; for (int index = 0; index < accessPermissionArray.Length; ++index) { accessPermissionArray[index] = SecurityManager.s_UnrestrictedSpecialPermissionMap[index]; } } else { SecurityPermission securityPermission = grantSet.GetPermission(6) as SecurityPermission; if (securityPermission != null) { securityPermissionFlags = securityPermission.Flags; } ReflectionPermission reflectionPermission = grantSet.GetPermission(4) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlags = reflectionPermission.Flags; } for (int index = 0; index < accessPermissionArray.Length; ++index) { accessPermissionArray[index] = grantSet.GetPermission(SecurityManager.s_BuiltInPermissionIndexMap[index][0]) as CodeAccessPermission; } } } if (deniedSet != null) { if (deniedSet.IsUnrestricted()) { securityPermissionFlags = SecurityPermissionFlag.NoFlags; reflectionPermissionFlags = ReflectionPermissionFlag.NoFlags; for (int index = 0; index < SecurityManager.s_BuiltInPermissionIndexMap.Length; ++index) { accessPermissionArray[index] = (CodeAccessPermission)null; } } else { SecurityPermission securityPermission = deniedSet.GetPermission(6) as SecurityPermission; if (securityPermission != null) { securityPermissionFlags &= ~securityPermission.Flags; } ReflectionPermission reflectionPermission = deniedSet.GetPermission(4) as ReflectionPermission; if (reflectionPermission != null) { reflectionPermissionFlags &= ~reflectionPermission.Flags; } for (int index = 0; index < SecurityManager.s_BuiltInPermissionIndexMap.Length; ++index) { CodeAccessPermission accessPermission = deniedSet.GetPermission(SecurityManager.s_BuiltInPermissionIndexMap[index][0]) as CodeAccessPermission; if (accessPermission != null && !accessPermission.IsSubsetOf((IPermission)null)) { accessPermissionArray[index] = (CodeAccessPermission)null; } } } } int specialFlags = SecurityManager.MapToSpecialFlags(securityPermissionFlags, reflectionPermissionFlags); if (specialFlags != -1) { for (int index = 0; index < accessPermissionArray.Length; ++index) { if (accessPermissionArray[index] != null && ((IUnrestrictedPermission)accessPermissionArray[index]).IsUnrestricted()) { specialFlags |= 1 << SecurityManager.s_BuiltInPermissionIndexMap[index][1]; } } } return(specialFlags); }