public ThirdPolicy()
{
Whitelist = new Whitelist();
Whitelist.Namespace("System.Collections", Permission.Allowed);
Whitelist.Namespace("System.OS", Permission.Denied);
MethodValidators.AddRange(new IValidator <MethodDefinition>[]
{
new UncheckedMathValidator()
});
}
public SecondPolicy()
{
Whitelist = new Whitelist();
Whitelist.Namespace("System.Linq", Permission.Allowed);
Whitelist.Namespace("System.DateTime", Permission.Denied);
MethodValidators.AddRange(new IValidator <MethodDefinition>[]
{
new MultiDimArrayValidator(),
});
}
public FirstPolicy()
{
Whitelist = new Whitelist();
Whitelist.Namespace("System.Text", Permission.Allowed);
Whitelist.Namespace("System.Random", Permission.Denied);
MethodValidators.AddRange(new IValidator <MethodDefinition>[]
{
new ArrayValidator(),
new FloatOpsValidator(),
});
}
private void WhitelistLinqAndCollections()
{
Whitelist
.Namespace("System.Linq", Permission.Allowed)
.Namespace("System.Collections", Permission.Allowed)
.Namespace("System.Collections.Generic", Permission.Allowed)
;
}
private void WhitelistReflectionTypes()
{
Whitelist
// Used by protobuf generated code
.Namespace("System.Reflection", Permission.Denied, type => type
.Type(nameof(AssemblyCompanyAttribute), Permission.Allowed)
.Type(nameof(AssemblyConfigurationAttribute), Permission.Allowed)
.Type(nameof(AssemblyFileVersionAttribute), Permission.Allowed)
.Type(nameof(AssemblyInformationalVersionAttribute), Permission.Allowed)
.Type(nameof(AssemblyProductAttribute), Permission.Allowed)
.Type(nameof(AssemblyTitleAttribute), Permission.Allowed))
;
}
private void WhitelistOthers()
{
Whitelist
// Used for converting numbers to strings
.Namespace("System.Globalization", Permission.Denied, type => type
.Type(nameof(CultureInfo), Permission.Denied, m => m
.Member(nameof(CultureInfo.InvariantCulture), Permission.Allowed)))
// Used for initializing large arrays hardcoded in the code, array validator will take care of the size
.Namespace("System.Runtime.CompilerServices", Permission.Denied, type => type
.Type(nameof(RuntimeHelpers), Permission.Denied, member => member
.Member(nameof(RuntimeHelpers.InitializeArray), Permission.Allowed)))
;
}
private void WhitelistSystemTypes()
{
Whitelist
// Selectively allowed types and members
.Namespace("System", Permission.Denied, type => type
.Type(typeof(Array), Permission.Denied, member => member
.Member(nameof(Array.AsReadOnly), Permission.Allowed))
.Type("Func`1", Permission.Allowed) // Required for protobuf generated code
.Type("Func`2", Permission.Allowed) // Required for protobuf generated code
.Type("Func`3", Permission.Allowed) // Required for protobuf generated code
.Type("Nullable`1", Permission.Allowed) // Required for protobuf generated code
// Required to support yield keyword in protobuf generated code
.Type(typeof(Environment), Permission.Denied, member => member
.Member(nameof(Environment.CurrentManagedThreadId), Permission.Allowed))
.Type(typeof(BitConverter), Permission.Denied, member => member
.Member(nameof(BitConverter.GetBytes), Permission.Allowed))
.Type(typeof(Uri), Permission.Denied, member => member
.Member(nameof(Uri.TryCreate), Permission.Allowed)
.Member(nameof(Uri.Scheme), Permission.Allowed)
.Member(nameof(Uri.UriSchemeHttp), Permission.Allowed)
.Member(nameof(Uri.UriSchemeHttps), Permission.Allowed))
.Type(typeof(NotImplementedException),
Permission.Allowed) // Required for protobuf generated code
.Type(typeof(NotSupportedException), Permission.Allowed) // Required for protobuf generated code
.Type(typeof(ArgumentOutOfRangeException), Permission.Allowed) // From AEDPoS
.Type(nameof(DateTime), Permission.Allowed, member => member
.Member(nameof(DateTime.Now), Permission.Denied)
.Member(nameof(DateTime.UtcNow), Permission.Denied)
.Member(nameof(DateTime.Today), Permission.Denied))
.Type(typeof(void).Name, Permission.Allowed)
.Type(typeof(object).Name, Permission.Allowed)
.Type(typeof(Type).Name, Permission.Allowed)
.Type(typeof(IDisposable).Name, Permission.Allowed)
.Type(typeof(Convert).Name, Permission.Allowed)
.Type(typeof(Math).Name, Permission.Allowed)
// Primitive types
.Type(typeof(bool).Name, Permission.Allowed)
.Type(typeof(byte).Name, Permission.Allowed)
.Type(typeof(sbyte).Name, Permission.Allowed)
.Type(typeof(char).Name, Permission.Allowed)
.Type(typeof(int).Name, Permission.Allowed)
.Type(typeof(uint).Name, Permission.Allowed)
.Type(typeof(long).Name, Permission.Allowed)
.Type(typeof(ulong).Name, Permission.Allowed)
.Type(typeof(decimal).Name, Permission.Allowed)
.Type(typeof(string).Name, Permission.Allowed, member => member
.Constructor(Permission.Denied))
.Type(typeof(Byte[]).Name, Permission.Allowed)
);
}
public PrivilegePolicy()
{
Whitelist = Whitelist.Namespace("System.Threading", Permission.Allowed);
}