internal void CheckAssembly(Assembly a, SecurityFrame frame) { IPermission p = SecurityManager.CheckPermissionSet(a, this, false); if (p != null) { CodeAccessPermission.ThrowSecurityException(this, "Demand failed assembly permissions checks.", frame, SecurityAction.Demand, p); } }
internal void CheckAppDomain(AppDomain domain, SecurityFrame frame) { IPermission p = SecurityManager.CheckPermissionSet(domain, this); if (p != null) { CodeAccessPermission.ThrowSecurityException(this, "Demand failed appdomain permissions checks.", frame, SecurityAction.Demand, p); } }
internal bool ProcessFrame(SecurityFrame frame) { if (frame.PermitOnly != null) { bool flag = frame.PermitOnly.IsUnrestricted(); if (!flag) { foreach (object obj in frame.PermitOnly) { IPermission permission = (IPermission)obj; if (this.CheckPermitOnly(permission as CodeAccessPermission)) { flag = true; break; } } } if (!flag) { CodeAccessPermission.ThrowSecurityException(this, "PermitOnly", frame, SecurityAction.Demand, null); } } if (frame.Deny != null) { if (frame.Deny.IsUnrestricted()) { CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, null); } foreach (object obj2 in frame.Deny) { IPermission permission2 = (IPermission)obj2; if (!this.CheckDeny(permission2 as CodeAccessPermission)) { CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, permission2); } } } if (frame.Assert != null) { if (frame.Assert.IsUnrestricted()) { return(true); } foreach (object obj3 in frame.Assert) { IPermission permission3 = (IPermission)obj3; if (this.CheckAssert(permission3 as CodeAccessPermission)) { return(true); } } return(false); } return(false); }
internal bool ProcessFrame(SecurityFrame frame, ref Assembly current, ref AppDomain domain) { if (IsUnrestricted()) { // we request unrestricted if (frame.Deny != null) { // but have restrictions (some denied permissions) CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, null); } else if ((frame.PermitOnly != null) && !frame.PermitOnly.IsUnrestricted()) { // but have restrictions (only some permitted permissions) CodeAccessPermission.ThrowSecurityException(this, "PermitOnly", frame, SecurityAction.Demand, null); } } // skip next steps if no Assert, Deny or PermitOnly are present if (frame.HasStackModifiers) { for (int i = 0; i < list.Count; i++) { CodeAccessPermission cap = (CodeAccessPermission)list [i]; if (cap.ProcessFrame(frame)) { _ignored [i] = true; // asserted if (AllIgnored()) { return(true); // no more, abort stack walk! } } } } // however the "final" grant set is resolved by assembly, so // there's no need to check it every time (just when we're // changing assemblies between frames). if (frame.Assembly != current) { CheckAssembly(current, frame); current = frame.Assembly; } if (frame.Domain != domain) { CheckAppDomain(domain, frame); domain = frame.Domain; } return(false); }