internal bool ProcessFrame(SecurityFrame frame, ref Assembly current, ref AppDomain domain)
{
if (IsUnrestricted())
{
// we request unrestricted
if (frame.Deny != null)
{
// but have restrictions (some denied permissions)
CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, null);
}
else if ((frame.PermitOnly != null) && !frame.PermitOnly.IsUnrestricted())
{
// but have restrictions (only some permitted permissions)
CodeAccessPermission.ThrowSecurityException(this, "PermitOnly", frame, SecurityAction.Demand, null);
}
}
// skip next steps if no Assert, Deny or PermitOnly are present
if (frame.HasStackModifiers)
{
for (int i = 0; i < list.Count; i++)
{
CodeAccessPermission cap = (CodeAccessPermission)list [i];
if (cap.ProcessFrame(frame))
{
_ignored [i] = true; // asserted
if (AllIgnored())
{
return(true); // no more, abort stack walk!
}
}
}
}
// however the "final" grant set is resolved by assembly, so
// there's no need to check it every time (just when we're
// changing assemblies between frames).
if (frame.Assembly != current)
{
CheckAssembly(current, frame);
current = frame.Assembly;
}
if (frame.Domain != domain)
{
CheckAppDomain(domain, frame);
domain = frame.Domain;
}
return(false);
}