private static PermissionSet /*!*/ CreatePermissionSetByName() { string name = "Internet"; bool foundName = false; PermissionSet setIntersection = new PermissionSet(PermissionState.Unrestricted); // iterate over each policy level IEnumerator e = SecurityManager.PolicyHierarchy(); while (e.MoveNext()) { PolicyLevel level = (PolicyLevel)e.Current; PermissionSet levelSet = level.GetNamedPermissionSet(name); if (levelSet != null) { foundName = true; setIntersection = setIntersection.Intersect(levelSet); } } if (setIntersection == null || !foundName) { setIntersection = new PermissionSet(PermissionState.None); } else { setIntersection = new NamedPermissionSet(name, setIntersection); } return(setIntersection); }
}// ApplyData void onPermissionSetChange(Object o, EventArgs e) { m_npsCurPermSet = null; // We need to find the new permission set IEnumerator permsetEnumerator = m_pl.NamedPermissionSets.GetEnumerator(); while (permsetEnumerator.MoveNext()) { NamedPermissionSet permSet = (NamedPermissionSet)permsetEnumerator.Current; if (permSet.Name.Equals(m_cbPermissionSet.Text)) { m_npsCurPermSet = permSet; break; } } // If we couldn't find the permission set in the policy, then it must be the // unnamed one that the codegroup initially had if (m_npsCurPermSet == null) { m_npsCurPermSet = m_npsCreatedPermSet; } PutInPermissions(m_npsCurPermSet); m_btnViewPerm.Enabled = false; ActivateApply(); }// onPermissionSetChange
private static NamedPermissionSet BuildEverything() { NamedPermissionSet namedPermissionSet = new NamedPermissionSet("Everything", PermissionState.None); namedPermissionSet.AddPermission(new EnvironmentPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new FileDialogPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new IsolatedStorageFilePermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new RegistryPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(new KeyContainerPermission(PermissionState.Unrestricted)); SecurityPermissionFlag securityPermissionFlag = SecurityPermissionFlag.AllFlags; securityPermissionFlag &= ~SecurityPermissionFlag.SkipVerification; namedPermissionSet.AddPermission(new SecurityPermission(securityPermissionFlag)); namedPermissionSet.AddPermission(new UIPermission(PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Net.DnsPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Drawing.Printing.PrintingPermission, System.Drawing, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Diagnostics.EventLogPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Net.SocketPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Diagnostics.PerformanceCounterPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.DirectoryServices.DirectoryServicesPermission, System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Messaging.MessageQueuePermission, System.Messaging, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.ServiceProcess.ServiceControllerPermission, System.ServiceProcess, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Data.OleDb.OleDbPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); namedPermissionSet.AddPermission(PermissionBuilder.Create("System.Data.SqlClient.SqlClientPermission, System.Data, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089", PermissionState.Unrestricted)); return(namedPermissionSet); }
private static NamedPermissionSet BuildExecution() { NamedPermissionSet namedPermissionSet = new NamedPermissionSet("Execution", PermissionState.None); namedPermissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); return(namedPermissionSet); }
}// ImportCodegroup private NamedPermissionSet ImportPermissionSet() { // We're importing a permission set NamedPermissionSet nps = null; try { SecurityElement se = SecurityXMLStuff.GetSecurityElementFromXMLFile(PermissionSetFilename); if (se == null) { throw new Exception("Invalid XML"); } nps = new NamedPermissionSet("Hi"); nps.FromXml(se); if (nps.Name == null || nps.Name.Length == 0) { nps.Name = Security.FindAGoodPermissionSetName(m_pl, "CustomPermissionSet"); } return(nps); } catch (Exception) { MessageBox(CResourceStore.GetString("XMLNoPermSet"), CResourceStore.GetString("XMLNoPermSetTitle"), MB.ICONEXCLAMATION); } return(null); }// ImportPermissionSet
public void FromXml_NoName() { NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None); SecurityElement se = nps.ToXml(); SecurityElement w = new SecurityElement(se.Tag); w.AddAttribute("class", se.Attribute("class")); w.AddAttribute("version", "1"); nps.FromXml(w); // having a null name can badly influence the rest of the class code Assert.IsNull(nps.Name, "Name"); NamedPermissionSet copy = (NamedPermissionSet)nps.Copy(); Assert.IsNull(copy.Name, "Copy.Name"); copy = nps.Copy("name"); Assert.AreEqual("name", copy.Name, "Copy(Name).Name"); se = nps.ToXml(); Assert.IsNull(se.Attribute("Name"), "Name attribute"); #if NET_2_0 Assert.AreEqual(0, nps.GetHashCode(), "GetHashCode"); Assert.IsTrue(nps.Equals(nps), "Equals-self"); #endif }
}// CreateChildren internal CSinglePermissionSet AddPermissionSet(NamedPermissionSet nps) { // Make sure we have a unique permission set name int nCounter = 1; String sBase = nps.Name; while (Security.isPermissionSetNameUsed(m_pl, nps.Name)) { if (nCounter == 1) { nps.Name = String.Format(CResourceStore.GetString("CSinglePermissionSet:NewDupPermissionSet"), sBase); } else { nps.Name = String.Format(CResourceStore.GetString("CSinglePermissionSet:NumNewDupPermissionSet"), nCounter.ToString(), sBase); } nCounter++; } // Now add the new permission set m_pl.AddNamedPermissionSet(nps); CNode node = new CSinglePermissionSet(nps, m_pl, ReadOnly); int nCookie = CNodeManager.AddNode(ref node); AddChild(nCookie); InsertSpecificChild(nCookie); // Return the node we created return((CSinglePermissionSet)node); } // AddPermissionSet
internal static bool HasSqlClientPermission() { NamedPermissionSet permissionset = HttpRuntime.NamedPermissionSet; // If we don't have a NamedPermissionSet, we're in full trust if (permissionset == null) { return(true); } // Check that the user has unrestricted SqlClientPermission IPermission allowedPermission = permissionset.GetPermission(typeof(SqlClientPermission)); if (allowedPermission == null) { return(false); } IPermission askedPermission = null; try { askedPermission = new SqlClientPermission(PermissionState.Unrestricted); } catch { return(false); } return(askedPermission.IsSubsetOf(allowedPermission)); }
public void NameNull() { NamedPermissionSet nps = new NamedPermissionSet(name); nps.Name = null; // strangely this isn't a ArgumentNullException (but so says the doc) }
public void Name() { NamedPermissionSet nps = new NamedPermissionSet(name); nps.Name = sentinel; Assert.AreEqual(sentinel, nps.Name, "Name"); }
// Create a builtin permission set by name. private static PermissionSet CreateBuiltinPermissionSet(String name) { NamedPermissionSet set = null; switch (name) { case "Execution": { set = new NamedPermissionSet ("Execution", PermissionState.None); set.Description = _("Arg_PermissionsExecution"); set.AddPermission(new SecurityPermission (SecurityPermissionFlag.Execution)); } break; case "FullTrust": { set = new NamedPermissionSet ("FullTrust", PermissionState.Unrestricted); set.Description = _("Arg_PermissionsFullTrust"); } break; case "Internet": { set = new NamedPermissionSet ("Internet", PermissionState.None); set.Description = _("Arg_PermissionsInternet"); } break; case "LocalIntranet": { set = new NamedPermissionSet ("LocalIntranet", PermissionState.None); set.Description = _("Arg_PermissionsLocalIntranet"); } break; case "Nothing": { set = new NamedPermissionSet ("Nothing", PermissionState.None); set.Description = _("Arg_PermissionsNothing"); } break; case "SkipVerification": { set = new NamedPermissionSet ("SkipVerification", PermissionState.None); set.Description = _("Arg_PermissionsSkipVerification"); set.AddPermission(new SecurityPermission (SecurityPermissionFlag.SkipVerification)); } break; } return(set); }
public void RemoveNamedPermissionSet_NotFound() { PolicyLevel pl = Load(minimal, PolicyLevelType.Machine); NamedPermissionSet nps = new NamedPermissionSet("Mono", PermissionState.Unrestricted); pl.RemoveNamedPermissionSet(nps); }
public static void SetAppDomainPolicy(AppDomain appDomain) { // Create an AppDomain policy level. PolicyLevel pLevel = PolicyLevel.CreateAppDomainLevel(); // The root code group of the policy level combines all // permissions of its children. UnionCodeGroup rootCodeGroup; PermissionSet ps = new PermissionSet(PermissionState.None); ps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); rootCodeGroup = new UnionCodeGroup(new AllMembershipCondition(), new PolicyStatement(ps, PolicyStatementAttribute.Nothing)); NamedPermissionSet localIntranet = FindNamedPermissionSet("LocalIntranet"); // The following code limits all code on this machine to local intranet permissions // when running in this application domain. UnionCodeGroup virtualIntranet = new UnionCodeGroup( new ZoneMembershipCondition(SecurityZone.MyComputer), new PolicyStatement(localIntranet, PolicyStatementAttribute.Nothing)); virtualIntranet.Name = "Virtual Intranet"; // Add the code groups to the policy level. rootCodeGroup.AddChild(virtualIntranet); pLevel.RootCodeGroup = rootCodeGroup; appDomain.SetAppDomainPolicy(pLevel); }
public void FromXml() { NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None); SecurityElement se = nps.ToXml(); Assert.IsNotNull(se, "ToXml()"); NamedPermissionSet nps2 = (NamedPermissionSet)nps.Copy(); nps2.FromXml(se); Assert.AreEqual(name, nps2.Name, "FromXml-Copy.Name"); // strangely it's empty when converted from XML (but null when created) Assert.AreEqual("", nps2.Description, "FromXml-Copy.Description"); Assert.IsTrue(!nps2.IsUnrestricted(), "FromXml-Copy.IsUnrestricted"); se.AddAttribute("Description", sentinel); nps2.FromXml(se); Assert.AreEqual(name, nps2.Name, "FromXml-Add1.Name"); Assert.AreEqual(sentinel, nps2.Description, "FromXml-Add1.Description"); Assert.IsTrue(!nps2.IsUnrestricted(), "FromXml-Add1.IsUnrestricted"); se.AddAttribute("Unrestricted", "true"); nps2.FromXml(se); Assert.AreEqual(name, nps2.Name, "FromXml-Add2.Name"); Assert.AreEqual(sentinel, nps2.Description, "FromXml-Add2.Description"); Assert.IsTrue(nps2.IsUnrestricted(), "FromXml-Add2.IsUnrestricted"); }
private static NamedPermissionSet BuildLocalIntranet() { NamedPermissionSet nps = new NamedPermissionSet(ReservedNames.LocalIntranet, PermissionState.None); nps.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME;USER")); nps.AddPermission(new FileDialogPermission(PermissionState.Unrestricted)); IsolatedStorageFilePermission isfp = new IsolatedStorageFilePermission(PermissionState.None); isfp.UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser; isfp.UserQuota = Int64.MaxValue; nps.AddPermission(isfp); nps.AddPermission(new ReflectionPermission(ReflectionPermissionFlag.ReflectionEmit)); SecurityPermissionFlag spf = SecurityPermissionFlag.Execution | SecurityPermissionFlag.Assertion; nps.AddPermission(new SecurityPermission(spf)); nps.AddPermission(new UIPermission(PermissionState.Unrestricted)); // DnsPermission requires stuff outside corlib (System) nps.AddPermission(PermissionBuilder.Create(DnsPermissionClass, PermissionState.Unrestricted)); // PrintingPermission requires stuff outside corlib (System.Drawing) nps.AddPermission(PermissionBuilder.Create(PrintingPermission("SafePrinting"))); return(nps); }
private static NamedPermissionSet BuildSkipVerification() { NamedPermissionSet namedPermissionSet = new NamedPermissionSet("SkipVerification", PermissionState.None); namedPermissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SkipVerification)); return(namedPermissionSet); }
internal static bool HasSqlClientPermission() { NamedPermissionSet namedPermissionSet = HttpRuntime.NamedPermissionSet; if (namedPermissionSet == null) { return(true); } IPermission target = namedPermissionSet.GetPermission(typeof(SqlClientPermission)); if (target == null) { return(false); } IPermission permission2 = null; try { permission2 = new SqlClientPermission(PermissionState.Unrestricted); } catch { return(false); } return(permission2.IsSubsetOf(target)); }
private static NamedPermissionSet BuildExecution() { NamedPermissionSet nps = new NamedPermissionSet(ReservedNames.Execution, PermissionState.None); nps.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); return(nps); }
// Change a named permission set. public NamedPermissionSet ChangeNamedPermissionSet (String name, PermissionSet pSet) { // Validate the parameters. if (name == null) { throw new ArgumentNullException("name"); } if (pSet == null) { throw new ArgumentNullException("pSet"); } // Find the existing permission set with this name. NamedPermissionSet current = GetNamedPermissionSet(name); if (current == null) { throw new ArgumentException (_("Security_PermissionSetNotFound")); } // Make a copy of the previous permission set. NamedPermissionSet prev = (NamedPermissionSet)(current.Copy()); // Clear the permission set and recreate it from "pSet". current.CopyFrom(pSet); // Return the previsou permission set. return(prev); }
// -ap namedxmlfile // -addpset namedxmlfile // -ap xmlfile name // -addpset xmlfile name static bool AddPermissionSet(string [] args, ref int i) { // two syntax - so we first load the XML file and // if it's not a named XML file, then we use the next // parameter as it's name string xmlfile = args [++i]; PermissionSet ps = LoadPermissions(xmlfile); if ((ps == null) || !Confirm()) { return(false); } NamedPermissionSet nps = null; if (ps is NamedPermissionSet) { nps = (NamedPermissionSet)ps; } else { nps = new NamedPermissionSet(args [++i], ps); } foreach (PolicyLevel pl in Levels) { pl.AddNamedPermissionSet(nps); SecurityManager.SavePolicyLevel(pl); } return(true); }
}// AddMenuItems internal override void MenuCommand(int nCommandID, Object oResultItem) { if (nCommandID == COMMANDS.DUPLICATE_PERMISSIONSET) { NamedPermissionSet nps = (NamedPermissionSet)m_psetWrapper.PSet.Copy(); String sBaseName = nps.Name; nps.Name = String.Format(CResourceStore.GetString("CSinglePermissionSet:PrependtoDupPSets"), nps.Name); int nCounter = 1; // make sure it's not already used while (Security.isPermissionSetNameUsed(m_pl, nps.Name)) { nCounter++; nps.Name = String.Format(CResourceStore.GetString("CSinglePermissionSet:NumPrependtoDupPSets"), nCounter.ToString(), sBaseName); } CNode node = CNodeManager.GetNodeByHScope(ParentHScopeItem); CSinglePermissionSet newNode = ((CPermissionSet)node).AddPermissionSet(nps); newNode.SecurityPolicyChanged(); // Put the selection on the new permission set we just created CNodeManager.SelectScopeItem(newNode.HScopeItem); } else if (nCommandID == COMMANDS.VIEW_PERMISSION) { int iResultItem = (int)oResultItem - 1; // Pop up the Dialog Box for this permission (new CReadOnlyPermission((IPermission)m_alPermissions[iResultItem])).ShowDialog(); } else if (nCommandID == COMMANDS.ADD_PERMISSIONS) { CAddPermissionsWizard wiz = new CAddPermissionsWizard(m_psetWrapper); wiz.LaunchWizard(Cookie); if (wiz.didFinish) { SecurityPolicyChanged(); GenerateGivenPermissionsStringList(); CNodeManager.Console.SelectScopeItem(HScopeItem); } } else if (nCommandID == COMMANDS.SHOW_LISTVIEW) { m_oResults = this; RefreshResultView(); m_fShowHTMLPage = false; } else if (nCommandID == COMMANDS.SHOW_TASKPAD) { m_oResults = m_taskpad; m_fShowHTMLPage = true; // The HTML pages comes displayed with this checkbox marked. Make // sure we update the xml setting CConfigStore.SetSetting("ShowHTMLForPermissionSet", "yes"); RefreshResultView(); } }// MenuCommand
/// <summary>Replaces a <see cref="T:System.Security.NamedPermissionSet" /> in the current policy level with the specified <see cref="T:System.Security.PermissionSet" />.</summary> /// <returns>A copy of the <see cref="T:System.Security.NamedPermissionSet" /> that was replaced.</returns> /// <param name="name">The name of the <see cref="T:System.Security.NamedPermissionSet" /> to replace. </param> /// <param name="pSet">The <see cref="T:System.Security.PermissionSet" /> that replaces the <see cref="T:System.Security.NamedPermissionSet" /> specified by the <paramref name="name" /> parameter. </param> /// <exception cref="T:System.ArgumentNullException">The <paramref name="name" /> parameter is null.-or- The <paramref name="pSet" /> parameter is null. </exception> /// <exception cref="T:System.ArgumentException">The <paramref name="name" /> parameter is equal to the name of a reserved permission set.-or- The <see cref="T:System.Security.PermissionSet" /> specified by the <paramref name="pSet" /> parameter cannot be found. </exception> /// <PermissionSet> /// <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="ControlEvidence" /> /// </PermissionSet> public NamedPermissionSet ChangeNamedPermissionSet(string name, PermissionSet pSet) { if (name == null) { throw new ArgumentNullException("name"); } if (pSet == null) { throw new ArgumentNullException("pSet"); } if (DefaultPolicies.ReservedNames.IsReserved(name)) { throw new ArgumentException(Locale.GetText("Reserved name")); } foreach (object obj in this.named_permission_sets) { NamedPermissionSet namedPermissionSet = (NamedPermissionSet)obj; if (name == namedPermissionSet.Name) { this.named_permission_sets.Remove(namedPermissionSet); this.AddNamedPermissionSet(new NamedPermissionSet(name, pSet)); return(namedPermissionSet); } } throw new ArgumentException(Locale.GetText("PermissionSet not found")); }
}// CNewPermSetWizard protected override int WizSetActive(IntPtr hwnd) { // Make sure this sucker stays null m_ps = null; switch (GetPropPage(hwnd)) { // If this is the first page of our wizard, we want a // disabled next button to show case 0: if (NewPermissionSetName.Equals("")) { TurnOnNext(false); } else { TurnOnNext(true); } break; case 1: TurnOnFinish(true); break; } return(base.WizSetActive(hwnd)); }// WizSetActive
public void ChangeNamedPermissionSet_NotFound() { PolicyLevel pl = Load(minimal, PolicyLevelType.Machine); NamedPermissionSet nps2 = new NamedPermissionSet("Mono", PermissionState.None); pl.ChangeNamedPermissionSet("Mono", nps2); }
/// <summary>Reconstructs a security object with a given state from an XML encoding.</summary> /// <param name="e">The XML encoding to use to reconstruct the security object. </param> /// <exception cref="T:System.ArgumentNullException">The <paramref name="e" /> parameter is null. </exception> /// <exception cref="T:System.ArgumentException">The <see cref="T:System.Security.SecurityElement" /> specified by the <paramref name="e" /> parameter is invalid. </exception> /// <PermissionSet> /// <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="UnmanagedCode" /> /// </PermissionSet> public void FromXml(SecurityElement e) { if (e == null) { throw new ArgumentNullException("e"); } SecurityElement securityElement = e.SearchForChildByTag("SecurityClasses"); if (securityElement != null && securityElement.Children != null && securityElement.Children.Count > 0) { this.fullNames = new Hashtable(securityElement.Children.Count); foreach (object obj in securityElement.Children) { SecurityElement securityElement2 = (SecurityElement)obj; this.fullNames.Add(securityElement2.Attributes["Name"], securityElement2.Attributes["Description"]); } } SecurityElement securityElement3 = e.SearchForChildByTag("FullTrustAssemblies"); if (securityElement3 != null && securityElement3.Children != null && securityElement3.Children.Count > 0) { this.full_trust_assemblies.Clear(); foreach (object obj2 in securityElement3.Children) { SecurityElement securityElement4 = (SecurityElement)obj2; if (securityElement4.Tag != "IMembershipCondition") { throw new ArgumentException(Locale.GetText("Invalid XML")); } string text = securityElement4.Attribute("class"); if (text.IndexOf("StrongNameMembershipCondition") < 0) { throw new ArgumentException(Locale.GetText("Invalid XML - must be StrongNameMembershipCondition")); } this.full_trust_assemblies.Add(new StrongNameMembershipCondition(securityElement4)); } } SecurityElement securityElement5 = e.SearchForChildByTag("CodeGroup"); if (securityElement5 != null && securityElement5.Children != null && securityElement5.Children.Count > 0) { this.root_code_group = CodeGroup.CreateFromXml(securityElement5, this); SecurityElement securityElement6 = e.SearchForChildByTag("NamedPermissionSets"); if (securityElement6 != null && securityElement6.Children != null && securityElement6.Children.Count > 0) { this.named_permission_sets.Clear(); foreach (object obj3 in securityElement6.Children) { SecurityElement et = (SecurityElement)obj3; NamedPermissionSet namedPermissionSet = new NamedPermissionSet(); namedPermissionSet.Resolver = this; namedPermissionSet.FromXml(et); this.named_permission_sets.Add(namedPermissionSet); } } return; } throw new ArgumentException(Locale.GetText("Missing Root CodeGroup")); }
// S1006/ImperativeSecurity public static void Work() { NamedPermissionSet permissions = new NamedPermissionSet("Custom"); permissions.Demand(); SecureClass.RevertDocument(); }
// Add an entry to the "named permission sets" list. public void AddNamedPermissionSet(NamedPermissionSet permSet) { if (permSet == null) { throw new ArgumentNullException("permSet"); } namedPermissionSets.Add(permSet); }
public void FromXml_WrongTagCase() { NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None); SecurityElement se = nps.ToXml(); se.Tag = se.Tag.ToUpper(); // instead of PermissionSet nps.FromXml(se); }
/// <summary>Removes the specified <see cref="T:System.Security.NamedPermissionSet" /> from the current policy level.</summary> /// <returns>The <see cref="T:System.Security.NamedPermissionSet" /> that was removed.</returns> /// <param name="permSet">The <see cref="T:System.Security.NamedPermissionSet" /> to remove from the current policy level. </param> /// <exception cref="T:System.ArgumentException">The <see cref="T:System.Security.NamedPermissionSet" /> specified by the <paramref name="permSet" /> parameter was not found. </exception> /// <exception cref="T:System.ArgumentNullException">The <paramref name="permSet" /> parameter is null. </exception> /// <PermissionSet> /// <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="ControlEvidence" /> /// </PermissionSet> public NamedPermissionSet RemoveNamedPermissionSet(NamedPermissionSet permSet) { if (permSet == null) { throw new ArgumentNullException("permSet"); } return(this.RemoveNamedPermissionSet(permSet.Name)); }
internal SecurityElement ToXml(PolicyLevel level, string policyClassName) { if ((this.m_membershipCondition == null) && (this.m_element != null)) { this.ParseMembershipCondition(); } if (this.m_children == null) { this.ParseChildren(); } if ((this.m_policy == null) && (this.m_element != null)) { this.ParsePolicy(); } SecurityElement element = new SecurityElement("CodeGroup"); XMLUtil.AddClassAttribute(element, base.GetType(), policyClassName); element.AddAttribute("version", "1"); element.AddChild(this.m_membershipCondition.ToXml(level)); if (this.m_policy != null) { PermissionSet permissionSetNoCopy = this.m_policy.GetPermissionSetNoCopy(); NamedPermissionSet set2 = permissionSetNoCopy as NamedPermissionSet; if (((set2 != null) && (level != null)) && (level.GetNamedPermissionSetInternal(set2.Name) != null)) { element.AddAttribute("PermissionSetName", set2.Name); } else if (!permissionSetNoCopy.IsEmpty()) { element.AddChild(permissionSetNoCopy.ToXml()); } if (this.m_policy.Attributes != PolicyStatementAttribute.Nothing) { element.AddAttribute("Attributes", XMLUtil.BitFieldEnumToString(typeof(PolicyStatementAttribute), this.m_policy.Attributes)); } } if (this.m_children.Count > 0) { lock (this) { IEnumerator enumerator = this.m_children.GetEnumerator(); while (enumerator.MoveNext()) { element.AddChild(((CodeGroup)enumerator.Current).ToXml(level)); } } } if (this.m_name != null) { element.AddAttribute("Name", SecurityElement.Escape(this.m_name)); } if (this.m_description != null) { element.AddAttribute("Description", SecurityElement.Escape(this.m_description)); } this.CreateXml(element, level); return(element); }
public static void NamedPermissionSetCallMethods() { NamedPermissionSet nps = new NamedPermissionSet("Test"); PermissionSet ps = nps.Copy(); NamedPermissionSet nps2 = nps.Copy("Test"); nps.Equals(nps2); int hash = nps.GetHashCode(); SecurityElement se = new SecurityElement(""); nps.FromXml(se); se = nps.ToXml(); }
public static void PolicyLevelCallMethods() { Policy.PolicyLevel pl = (Policy.PolicyLevel)Activator.CreateInstance(typeof(Policy.PolicyLevel), true); NamedPermissionSet nps = new NamedPermissionSet("test"); pl.AddNamedPermissionSet(nps); nps = pl.ChangeNamedPermissionSet("test", new PermissionSet(new Permissions.PermissionState())); Policy.PolicyLevel.CreateAppDomainLevel(); nps = pl.GetNamedPermissionSet("test"); pl.Recover(); NamedPermissionSet nps2 = pl.RemoveNamedPermissionSet(nps); nps2 = pl.RemoveNamedPermissionSet("test"); pl.Reset(); Policy.Evidence evidence = new Policy.Evidence(); Policy.PolicyStatement ps = pl.Resolve(evidence); Policy.CodeGroup cg = pl.ResolveMatchingCodeGroups(evidence); SecurityElement se = new SecurityElement(""); pl.FromXml(se); se = pl.ToXml(); }
private void LoadAllPermissionSets() { // This function loads all the permission sets held in the m_permSetElement member. // This is useful when you know that an arbitrary permission set loaded from // the config file could be accessed so you just want to forego the lazy load // and play it safe. if (m_permSetElement != null && m_permSetElement.m_lChildren != null) { Type type = typeof( PolicyLevel ); lock (type) { while (m_permSetElement != null && m_permSetElement.m_lChildren.Count != 0) { SecurityElement elPermSet = (SecurityElement)m_permSetElement.m_lChildren[m_permSetElement.m_lChildren.Count-1]; m_permSetElement.m_lChildren.RemoveAt( m_permSetElement.m_lChildren.Count-1 ); if (elPermSet.Tag.Equals( "PermissionSet" ) && elPermSet.Attribute( "class" ).Equals( "System.Security.NamedPermissionSet" )) { NamedPermissionSet permSet = new NamedPermissionSet(); permSet.FromXmlNameOnly( elPermSet ); if (permSet.Name != null) { m_namedPermissionSets.Add( permSet ); try { // We play it conservative here and just say that we are loading policy // anytime we have to decode a permission set. bool fullyLoaded; permSet.FromXml( elPermSet, true, out fullyLoaded ); } catch (Exception) { m_namedPermissionSets.Remove( permSet ); } } } } m_permSetElement = null; } } }
private static NamedPermissionSet CreateFullTrustSet() { NamedPermissionSet permSet = new NamedPermissionSet("FullTrust", PermissionState.Unrestricted); permSet.m_descrResource = "Policy_PS_FullTrust"; return permSet; }
private static NamedPermissionSet CreateNothingSet() { NamedPermissionSet permSet = new NamedPermissionSet("Nothing", PermissionState.None); permSet.m_descrResource = "Policy_PS_Nothing"; return permSet; }
private PermissionSet CreateFromXml (string xml) { #if !NET_2_1 SecurityParser sp = new SecurityParser (); try { sp.LoadXml (xml); } catch (Mono.Xml.SmallXmlParserException xe) { throw new XmlSyntaxException (xe.Line, xe.ToString ()); } SecurityElement se = sp.ToXml (); string className = se.Attribute ("class"); if (className == null) return null; PermissionState state = PermissionState.None; if (CodeAccessPermission.IsUnrestricted (se)) state = PermissionState.Unrestricted; if (className.EndsWith ("NamedPermissionSet")) { NamedPermissionSet nps = new NamedPermissionSet (se.Attribute ("Name"), state); nps.FromXml (se); return (PermissionSet) nps; } else if (className.EndsWith ("PermissionSet")) { PermissionSet ps = new PermissionSet (state); ps.FromXml (se); return ps; } #endif return null; }
public void AddNamedPermissionSet(NamedPermissionSet permSet) { }
internal NamedPermissionSet GetNamedPermissionSetInternal( String name ) { CheckLoaded( true ); Type type = typeof( PolicyLevel ); lock (type) { // First, try to find it in the list. IEnumerator enumerator = m_namedPermissionSets.GetEnumerator(); while (enumerator.MoveNext()) { NamedPermissionSet current = (NamedPermissionSet)enumerator.Current; if (current.Name.Equals( name )) { if (!current.IsFullyLoaded()) current.LoadPostponedPermissions(); // don't copy because we know we're not going to do // anything wrong return current; } } // We didn't find it in the list, so if we have a stored element // see if it is there. if (m_permSetElement != null) { SecurityElement elem = FindElement( name ); if (elem != null) { bool fullyLoaded; NamedPermissionSet permSet = new NamedPermissionSet(); permSet.Name = name; m_namedPermissionSets.Add( permSet ); try { // We play it conservative here and just say that we are loading policy // anytime we have to decode a permission set. permSet.FromXml( elem, true, out fullyLoaded ); } catch (Exception) { m_namedPermissionSets.Remove( permSet ); return null; } if (permSet.Name != null) { if (!fullyLoaded) { m_namedPermissionSets.Remove( permSet ); InsertElement( elem ); } return permSet; } else { m_namedPermissionSets.Remove( permSet ); return null; } } } return null; } }
internal static NamedPermissionSet CreateSkipVerificationSet() { NamedPermissionSet permSet; permSet = new NamedPermissionSet( "SkipVerification", PermissionState.None ); permSet.Description = "Grants right to bypass the verification"; permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SkipVerification)); return permSet; }
private static NamedPermissionSet BuildExecution () { NamedPermissionSet nps = new NamedPermissionSet (ReservedNames.Execution, PermissionState.None); nps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution)); return nps; }
private static NamedPermissionSet BuildLocalIntranet () { NamedPermissionSet nps = new NamedPermissionSet (ReservedNames.LocalIntranet, PermissionState.None); nps.AddPermission (new EnvironmentPermission (EnvironmentPermissionAccess.Read, "USERNAME;USER")); nps.AddPermission (new FileDialogPermission (PermissionState.Unrestricted)); IsolatedStorageFilePermission isfp = new IsolatedStorageFilePermission (PermissionState.None); isfp.UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser; isfp.UserQuota = Int64.MaxValue; nps.AddPermission (isfp); nps.AddPermission (new ReflectionPermission (ReflectionPermissionFlag.ReflectionEmit)); SecurityPermissionFlag spf = SecurityPermissionFlag.Execution | SecurityPermissionFlag.Assertion; nps.AddPermission (new SecurityPermission (spf)); nps.AddPermission (new UIPermission (PermissionState.Unrestricted)); // DnsPermission requires stuff outside corlib (System) nps.AddPermission (PermissionBuilder.Create (DnsPermissionClass, PermissionState.Unrestricted)); // PrintingPermission requires stuff outside corlib (System.Drawing) nps.AddPermission (PermissionBuilder.Create (PrintingPermission ("SafePrinting"))); return nps; }
internal static NamedPermissionSet CreateFullTrustSet() { NamedPermissionSet permSet; permSet = new NamedPermissionSet( "FullTrust", PermissionState.Unrestricted ); permSet.Description = "Allows full access to all resources"; return permSet; }
internal static NamedPermissionSet CreateNothingSet() { NamedPermissionSet permSet; permSet = new NamedPermissionSet( "Nothing", PermissionState.None ); permSet.Description = "Denies all resources, including the right to execute"; return permSet; }
internal static NamedPermissionSet CreateExecutionSet() { NamedPermissionSet permSet; permSet = new NamedPermissionSet( "Execution", PermissionState.None ); permSet.Description = "Permits execution"; permSet.AddPermission( new SecurityPermission( SecurityPermissionFlag.Execution ) ); return permSet; }
private static NamedPermissionSet BuildInternet () { NamedPermissionSet nps = new NamedPermissionSet (ReservedNames.Internet, PermissionState.None); nps.AddPermission (new FileDialogPermission (FileDialogPermissionAccess.Open)); IsolatedStorageFilePermission isfp = new IsolatedStorageFilePermission (PermissionState.None); isfp.UsageAllowed = IsolatedStorageContainment.DomainIsolationByUser; isfp.UserQuota = 512000; nps.AddPermission (isfp); nps.AddPermission (new SecurityPermission (SecurityPermissionFlag.Execution)); nps.AddPermission (new UIPermission (UIPermissionWindow.SafeTopLevelWindows, UIPermissionClipboard.OwnClipboard)); // PrintingPermission requires stuff outside corlib (System.Drawing) nps.AddPermission (PermissionBuilder.Create (PrintingPermission ("SafePrinting"))); return nps; }
// Add an entry to the "named permission sets" list. public void AddNamedPermissionSet(NamedPermissionSet permSet) { if(permSet == null) { throw new ArgumentNullException("permSet"); } namedPermissionSets.Add(permSet); }
private static NamedPermissionSet BuildEverything () { NamedPermissionSet nps = new NamedPermissionSet (ReservedNames.Everything, PermissionState.None); nps.AddPermission (new EnvironmentPermission (PermissionState.Unrestricted)); nps.AddPermission (new FileDialogPermission (PermissionState.Unrestricted)); nps.AddPermission (new FileIOPermission (PermissionState.Unrestricted)); nps.AddPermission (new IsolatedStorageFilePermission (PermissionState.Unrestricted)); nps.AddPermission (new ReflectionPermission (PermissionState.Unrestricted)); nps.AddPermission (new RegistryPermission (PermissionState.Unrestricted)); nps.AddPermission (new KeyContainerPermission (PermissionState.Unrestricted)); // not quite all in this case SecurityPermissionFlag spf = SecurityPermissionFlag.AllFlags; spf &= ~SecurityPermissionFlag.SkipVerification; nps.AddPermission (new SecurityPermission (spf)); nps.AddPermission (new UIPermission (PermissionState.Unrestricted)); // others requires stuff outside corlib nps.AddPermission (PermissionBuilder.Create (DnsPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (PrintingPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (EventLogPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (SocketPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (WebPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (PerformanceCounterPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (DirectoryServicesPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (MessageQueuePermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (ServiceControllerPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (OleDbPermissionClass, PermissionState.Unrestricted)); nps.AddPermission (PermissionBuilder.Create (SqlClientPermissionClass, PermissionState.Unrestricted)); // nps.AddPermission (PermissionBuilder.Create (DataProtectionPermissionClass, PermissionState.Unrestricted)); // nps.AddPermission (PermissionBuilder.Create (StorePermissionClass, PermissionState.Unrestricted)); return nps; }
// Remove a named permission set. public NamedPermissionSet RemoveNamedPermissionSet (NamedPermissionSet permSet) { if(permSet == null) { throw new ArgumentNullException("permSet"); } return RemoveNamedPermissionSet(permSet.Name); }
/// <include file='doc\PolicyLevel.uex' path='docs/doc[@for="PolicyLevel.RemoveNamedPermissionSet"]/*' /> public NamedPermissionSet RemoveNamedPermissionSet( NamedPermissionSet permSet ) { CheckLoaded( true ); if (permSet == null) throw new ArgumentNullException( "permSet" ); return RemoveNamedPermissionSet( permSet.Name ); }
[System.Security.SecurityCritical] // auto-generated private void LoadAllPermissionSets() { // This function loads all the permission sets held in the m_permSetElement member. // This is useful when you know that an arbitrary permission set loaded from // the config file could be accessed so you just want to forego the lazy load // and play it safe. if (m_permSetElement != null && m_permSetElement.InternalChildren != null) { lock (InternalSyncObject) { while (m_permSetElement != null && m_permSetElement.InternalChildren.Count != 0) { SecurityElement elPermSet = (SecurityElement)m_permSetElement.Children[m_permSetElement.InternalChildren.Count-1]; m_permSetElement.InternalChildren.RemoveAt(m_permSetElement.InternalChildren.Count-1); if (elPermSet.Tag.Equals("PermissionSet") && elPermSet.Attribute("class").Equals("System.Security.NamedPermissionSet")) { NamedPermissionSet permSet = new NamedPermissionSet(); permSet.FromXmlNameOnly(elPermSet); if (permSet.Name != null) { m_namedPermissionSets.Add(permSet); try { permSet.FromXml(elPermSet, false, true); } catch { m_namedPermissionSets.Remove(permSet); } } } } m_permSetElement = null; } } }
/// <include file='doc\PolicyLevel.uex' path='docs/doc[@for="PolicyLevel.AddNamedPermissionSet"]/*' /> public void AddNamedPermissionSet( NamedPermissionSet permSet ) { CheckLoaded( true ); LoadAllPermissionSets(); lock (this) { if (permSet == null) throw new ArgumentNullException("permSet"); IEnumerator enumerator = m_namedPermissionSets.GetEnumerator(); while (enumerator.MoveNext()) { if (((NamedPermissionSet)enumerator.Current).Name.Equals( permSet.Name )) { throw new ArgumentException( Environment.GetResourceString( "Argument_DuplicateName" ) ); } } m_namedPermissionSets.Add( permSet.Copy() ); } }
[System.Security.SecuritySafeCritical] // auto-generated public void AddNamedPermissionSet(NamedPermissionSet permSet) { if (permSet == null) throw new ArgumentNullException("permSet"); Contract.EndContractBlock(); CheckLoaded(); LoadAllPermissionSets(); lock (this) { IEnumerator enumerator = m_namedPermissionSets.GetEnumerator(); while (enumerator.MoveNext()) { if (((NamedPermissionSet)enumerator.Current).Name.Equals(permSet.Name)) throw new ArgumentException(Environment.GetResourceString("Argument_DuplicateName")); } NamedPermissionSet npsCopy = (NamedPermissionSet)permSet.Copy(); npsCopy.IgnoreTypeLoadFailures = true; m_namedPermissionSets.Add(npsCopy); } }
public NamedPermissionSet(NamedPermissionSet permSet) {}
public NamedPermissionSet RemoveNamedPermissionSet(NamedPermissionSet permSet) { if (permSet == null) throw new ArgumentNullException("permSet"); Contract.EndContractBlock(); return RemoveNamedPermissionSet(permSet.Name); }
public NamedPermissionSet RemoveNamedPermissionSet(NamedPermissionSet permSet) { return default(NamedPermissionSet); }
[System.Security.SecurityCritical] // auto-generated internal NamedPermissionSet GetNamedPermissionSetInternal(string name) { CheckLoaded(); lock (InternalSyncObject) { // First, try to find it in the list. foreach (NamedPermissionSet permissionSet in m_namedPermissionSets) { if (permissionSet.Name.Equals(name)) { return permissionSet; } } // We didn't find it in the list, so if we have a stored element // see if it is there. if (m_permSetElement != null) { SecurityElement elem = FindElement(m_permSetElement, name); if (elem != null) { NamedPermissionSet permSet = new NamedPermissionSet(); permSet.Name = name; m_namedPermissionSets.Add(permSet); try { // We play it conservative here and just say that we are loading policy // anytime we have to decode a permission set. permSet.FromXml(elem, false, true); } catch { m_namedPermissionSets.Remove(permSet); return null; } if (permSet.Name != null) { return permSet; } else { m_namedPermissionSets.Remove(permSet); } } } } return null; }
// Create new code groups using the custom named permission sets previously created. private static void CreateCodeGroups() { // Create instances of the named permission sets created earlier to establish the // permissions for the new code groups. NamedPermissionSet companyCodeSet = new NamedPermissionSet("MyCompany",PermissionState.Unrestricted); NamedPermissionSet departmentCodeSet = new NamedPermissionSet("MyDepartment",PermissionState.Unrestricted); // Create new code groups using the named permission sets. PolicyStatement policyMyCompany = new PolicyStatement(companyCodeSet,PolicyStatementAttribute.LevelFinal); PolicyStatement policyMyDepartment = new PolicyStatement(departmentCodeSet,PolicyStatementAttribute.Exclusive); // Create new code groups using UnionCodeGroup. CodeGroup myCompanyZone = new UnionCodeGroup(new ZoneMembershipCondition(SecurityZone.Intranet), policyMyCompany); myCompanyZone.Name = "MyCompanyCodeGroup"; byte[] b1 = { 0, 36, 0, 0, 4, 128, 0, 0, 148, 0, 0, 0, 6, 2, 0, 0, 0, 36, 0, 0, 82, 83, 65, 49, 0, 4, 0, 0, 1, 0, 1, 0, 237, 146, 145, 51, 34, 97, 123, 196, 90, 174, 41, 170, 173, 221, 41, 193, 175, 39, 7, 151, 178, 0, 230, 152, 218, 8, 206, 206, 170,84, 111, 145, 26, 208, 158, 240, 246, 219, 228, 34, 31, 163, 11, 130, 16, 199, 111, 224, 4, 112, 46, 84, 0, 104, 229, 38, 39, 63, 53, 189, 0, 157, 32, 38, 34, 109, 0, 171, 114, 244, 34, 59, 9, 232, 150, 192, 247, 175, 104, 143, 171, 42, 219, 66, 66, 194, 191, 218, 121, 59, 92, 42, 37, 158, 13, 108, 210, 189, 9, 203, 204, 32, 48, 91, 212, 101, 193, 19, 227, 107, 25, 133, 70, 2, 220, 83, 206, 71, 102, 245, 104, 252, 87, 109, 190, 56, 34, 180}; StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(b1); CodeGroup myDepartmentZone = new UnionCodeGroup(new StrongNameMembershipCondition(blob, null, null), policyMyDepartment); myDepartmentZone.Name = "MyDepartmentCodeGroup"; // Move through the policy levels looking for the Machine policy level. // Create two new code groups at that level. IEnumerator policyEnumerator = SecurityManager.PolicyHierarchy(); while(policyEnumerator.MoveNext()) { // At the Machine level delete already existing copies of the custom code groups, // then create the new code groups. PolicyLevel currentLevel = (PolicyLevel)policyEnumerator.Current; if (currentLevel.Label == "Machine") { // Remove old instances of the custom groups. DeleteCustomCodeGroups(); // Add the new code groups. //******************************************************* // To add a child code group, add the child to the parent prior to adding // the parent to the root. myCompanyZone.AddChild(myDepartmentZone); // Add the parent to the root code group. currentLevel.RootCodeGroup.AddChild(myCompanyZone); SecurityManager.SavePolicy(); } } // Save the security policy. SecurityManager.SavePolicy(); Console.WriteLine("Security policy modified."); Console.WriteLine("New code groups added at the Machine policy level."); }
private static NamedPermissionSet CreateSkipVerificationSet() { NamedPermissionSet permSet = new NamedPermissionSet("SkipVerification", PermissionState.None); permSet.m_descrResource = "Policy_PS_SkipVerification"; permSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SkipVerification)); return permSet; }
public void AddNamedPermissionSet (NamedPermissionSet permSet) { if (permSet == null) throw new ArgumentNullException ("permSet"); foreach (NamedPermissionSet n in named_permission_sets) { if (permSet.Name == n.Name) { throw new ArgumentException ( Locale.GetText ("This NamedPermissionSet is the same an existing NamedPermissionSet.")); } } named_permission_sets.Add (permSet.Copy ()); }
public void FromXml (SecurityElement e) { if (e == null) throw new ArgumentNullException ("e"); // MS doesn't throw an exception for this case // if (e.Tag != "PolicyLevel") // throw new ArgumentException (Locale.GetText ("Invalid XML")); SecurityElement sc = e.SearchForChildByTag ("SecurityClasses"); if ((sc != null) && (sc.Children != null) && (sc.Children.Count > 0)) { fullNames = new Hashtable (sc.Children.Count); foreach (SecurityElement se in sc.Children) { fullNames.Add (se.Attributes ["Name"], se.Attributes ["Description"]); } } SecurityElement fta = e.SearchForChildByTag ("FullTrustAssemblies"); if ((fta != null) && (fta.Children != null) && (fta.Children.Count > 0)) { full_trust_assemblies.Clear (); foreach (SecurityElement se in fta.Children) { if (se.Tag != "IMembershipCondition") throw new ArgumentException (Locale.GetText ("Invalid XML")); string className = se.Attribute ("class"); if (className.IndexOf ("StrongNameMembershipCondition") < 0) throw new ArgumentException (Locale.GetText ("Invalid XML - must be StrongNameMembershipCondition")); // we directly use StrongNameMembershipCondition full_trust_assemblies.Add (new StrongNameMembershipCondition (se)); } } SecurityElement cg = e.SearchForChildByTag ("CodeGroup"); if ((cg != null) && (cg.Children != null) && (cg.Children.Count > 0)) { root_code_group = CodeGroup.CreateFromXml (cg, this); } else { throw new ArgumentException (Locale.GetText ("Missing Root CodeGroup")); } SecurityElement nps = e.SearchForChildByTag ("NamedPermissionSets"); if ((nps != null) && (nps.Children != null) && (nps.Children.Count > 0)) { named_permission_sets.Clear (); foreach (SecurityElement se in nps.Children) { NamedPermissionSet n = new NamedPermissionSet (); n.Resolver = this; n.FromXml (se); named_permission_sets.Add (n); } } }