static void Main(string[] args) { // Create the permission set to grant to other assemblies. // In this case we are granting the permissions found in the LocalIntranet zone. PermissionSet permissionSet = GetNamedPermissionSet("LocalIntranet"); if (permissionSet == null) return; AppDomainSetup appDomainSetup = new AppDomainSetup(); // Identify the folder to use for the sandbox. Directory.CreateDirectory("C:\\Sandbox"); appDomainSetup.ApplicationBase = "C:\\Sandbox"; // Copy the application to be executed to the sandbox. File.Copy(@"..\..\..\NewConsoleApp\Bin\Debug\NewConsoleApp.exe", "C:\\sandbox\\NewConsoleApp.exe", true); File.Copy(@"..\..\..\NewConsoleApp\Bin\Debug\NewConsoleApp.pdb", "C:\\sandbox\\NewConsoleApp.pdb", true); Evidence hostEvidence = new Evidence(); // Create the sandboxed domain. AppDomain sandbox = AppDomain.CreateDomain( "Sandboxed Domain", hostEvidence, appDomainSetup, permissionSet, GetStrongName(Assembly.GetExecutingAssembly())); sandbox.ExecuteAssemblyByName("NewConsoleApp"); }
protected static AppDomain CreateDomainHelper(string friendlyName, Evidence securityInfo, AppDomainSetup appDomainInfo) { if (friendlyName == null) { throw new ArgumentNullException(Environment.GetResourceString("ArgumentNull_String")); } if (securityInfo != null) { new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); AppDomain.CheckDomainCreationEvidence(appDomainInfo, securityInfo); } if (appDomainInfo == null) { appDomainInfo = new AppDomainSetup(); } if ((appDomainInfo.AppDomainManagerAssembly == null) || (appDomainInfo.AppDomainManagerType == null)) { string str; string str2; AppDomain.CurrentDomain.GetAppDomainManagerType(out str, out str2); if (appDomainInfo.AppDomainManagerAssembly == null) { appDomainInfo.AppDomainManagerAssembly = str; } if (appDomainInfo.AppDomainManagerType == null) { appDomainInfo.AppDomainManagerType = str2; } } return AppDomain.nCreateDomain(friendlyName, appDomainInfo, securityInfo, (securityInfo == null) ? AppDomain.CurrentDomain.InternalEvidence : null, AppDomain.CurrentDomain.GetSecurityDescriptor()); }
public static LoadedAssembly Load(String assemblyFilePath) { string currentExecutingAssemblyPath = Assembly.GetExecutingAssembly().Location; if (currentExecutingAssemblyPath.StartsWith("File:")) currentExecutingAssemblyPath = currentExecutingAssemblyPath.Substring(9).Replace("/", "\\"); else if (string.IsNullOrWhiteSpace(currentExecutingAssemblyPath)) currentExecutingAssemblyPath = Assembly.GetExecutingAssembly().CodeBase.Substring(9).Replace("/", "\\"); string newAppDomainFolderPath = currentExecutingAssemblyPath.Substring(0, currentExecutingAssemblyPath.LastIndexOf("\\")); string tempAppDomainName = Guid.NewGuid().ToString(); var appDomainSecurity = new Evidence(AppDomain.CurrentDomain.Evidence); AppDomain appDomain = AppDomain.CreateDomain( friendlyName: tempAppDomainName, securityInfo: appDomainSecurity, appBasePath: newAppDomainFolderPath, appRelativeSearchPath: null, shadowCopyFiles: true); FileLoader fileLoader = (FileLoader)appDomain.CreateInstanceAndUnwrap( Assembly.GetExecutingAssembly().FullName, typeof(FileLoader).FullName); Assembly assembly = fileLoader.LoadAssembly(assemblyFilePath); return new LoadedAssembly { Module = assembly, Domain = appDomain }; }
public override PolicyStatement Resolve(Evidence evidence) { if (evidence == null) { throw new ArgumentNullException("evidence"); } object usedEvidence = null; if (!PolicyManager.CheckMembershipCondition(base.MembershipCondition, evidence, out usedEvidence)) { return null; } PolicyStatement policyStatement = base.PolicyStatement; IDelayEvaluatedEvidence dependentEvidence = usedEvidence as IDelayEvaluatedEvidence; if ((dependentEvidence != null) && !dependentEvidence.IsVerified) { policyStatement.AddDependentEvidence(dependentEvidence); } bool flag2 = false; IEnumerator enumerator = base.Children.GetEnumerator(); while (enumerator.MoveNext() && !flag2) { PolicyStatement childPolicy = PolicyManager.ResolveCodeGroup(enumerator.Current as CodeGroup, evidence); if (childPolicy != null) { policyStatement.InplaceUnion(childPolicy); if ((childPolicy.Attributes & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive) { flag2 = true; } } } return policyStatement; }
public static Evidence CreateEvidenceForUrl (string securityUrl) { Evidence e = new Evidence (); if ((securityUrl != null) && (securityUrl.Length > 0)) { try { Url url = new Url (securityUrl); e.AddHost (url); } catch (ArgumentException) { } try { Zone zone = Zone.CreateFromUrl (securityUrl); e.AddHost (zone); } catch (ArgumentException) { } try { Site site = Site.CreateFromUrl (securityUrl); e.AddHost (site); } catch (ArgumentException) { } } return e; }
/// <summary> /// Creates a new AppDomain based on the parent AppDomains /// Evidence and AppDomainSetup /// </summary> /// <param name="parentDomain">The parent AppDomain</param> /// <returns>A newly created AppDomain</returns> private AppDomain BuildChildDomain(AppDomain parentDomain) { Evidence evidence = new Evidence(parentDomain.Evidence); AppDomainSetup setup = parentDomain.SetupInformation; return AppDomain.CreateDomain("DiscoveryRegion", evidence, setup); }
/// <summary> /// Creates a new child domain and copies the evidence from a parent domain. /// </summary> /// <param name="parentDomain">The parent domain.</param> /// <returns>The new child domain.</returns> /// <remarks> /// Grabs the <paramref name="parentDomain"/> evidence and uses it to construct the new /// <see cref="AppDomain"/> because in a ClickOnce execution environment, creating an /// <see cref="AppDomain"/> will by default pick up the partial trust environment of /// the AppLaunch.exe, which was the root executable. The AppLaunch.exe does a /// create domain and applies the evidence from the ClickOnce manifests to /// create the domain that the application is actually executing in. This will /// need to be Full Trust for Composite Application Library applications. /// </remarks> protected virtual AppDomain BuildChildDomain(AppDomain parentDomain) { Evidence evidence = new Evidence(parentDomain.Evidence); AppDomainSetup setup = parentDomain.SetupInformation; var domain = AppDomain.CreateDomain("DiscoveryRegion", evidence, setup); return domain; }
// Constructor. internal BaseVsaEngine(String language, String version, bool supportDebug) { applicationPath = String.Empty; assemblyVersion = version; compiledRootNamespace = null; engineMoniker = String.Empty; engineName = String.Empty; engineSite = null; errorLocale = CultureInfo.CurrentCulture.LCID; executionEvidence = null; failedCompilation = false; genDebugInfo = false; haveCompiledState = false; isClosed = false; isDebugInfoSupported = supportDebug; isEngineCompiled = false; isEngineDirty = false; isEngineInitialized = false; isEngineRunning = false; loadedAssembly = null; rootNamespace = String.Empty; scriptLanguage = language; startupClass = null; startupInstance = null; vsaItems = null; }
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence) { usedEvidence = null; if (evidence == null) return false; ApplicationDirectory dir = evidence.GetHostEvidence<ApplicationDirectory>(); Url url = evidence.GetHostEvidence<Url>(); if (dir != null && url != null) { // We need to add a wildcard at the end because IsSubsetOf keys off of it. String appDir = dir.Directory; if (appDir != null && appDir.Length > 1) { if (appDir[appDir.Length-1] == '/') appDir += "*"; else appDir += "/*"; URLString appDirString = new URLString(appDir); if (url.GetURLString().IsSubsetOf(appDirString)) { usedEvidence = dir; return true; } } } return false; }
// Implement the IMembership interface. public bool Check(Evidence evidence) { if(evidence == null) { return false; } IEnumerator e = evidence.GetHostEnumerator(); IEnumerator e2; while(e.MoveNext()) { ApplicationDirectory appDir = (e.Current as ApplicationDirectory); if(appDir != null) { e2 = evidence.GetHostEnumerator(); while(e2.MoveNext()) { Url url = (e2.Current as Url); if(url != null) { if(Match(url.parser, appDir.Directory)) { return true; } } } } } return false; }
protected override void Arrange() { base.Arrange(); var fullyTrustedAssemblies = this.GetFullyTrustedAssemblies().ToArray(); var unsignedAssemblies = fullyTrustedAssemblies.Where(sn => sn.PublicKey.ToString() == ""); if (unsignedAssemblies.Any()) { Assert.Inconclusive("Full trust assemblies must be signed. This test will be ignored. Unsigned assemblies: " + unsignedAssemblies.Aggregate("", (a, sn) => a + sn.Name + " ")); } var evidence = new Evidence(); evidence.AddHostEvidence(new Zone(SecurityZone.Intranet)); var set = SecurityManager.GetStandardSandbox(evidence); this.AddPermissions(set); this.appDomain = AppDomain.CreateDomain( "partial trust", null, AppDomain.CurrentDomain.SetupInformation, set, fullyTrustedAssemblies); this.loggerProxy = ((LoggerProxy)this.appDomain.CreateInstanceAndUnwrap(typeof(LoggerProxy).Assembly.FullName, typeof(LoggerProxy).FullName)); this.loggerProxy.Setup(); }
/*!*/ private static PermissionSet CreatePermissionSet() { #if CLR2 string name = "Internet"; bool foundName = false; PermissionSet setIntersection = new PermissionSet(PermissionState.Unrestricted); // iterate over each policy level IEnumerator e = SecurityManager.PolicyHierarchy(); while (e.MoveNext()) { PolicyLevel level = (PolicyLevel)e.Current; PermissionSet levelSet = level.GetNamedPermissionSet(name); if (levelSet != null) { foundName = true; setIntersection = setIntersection.Intersect(levelSet); } } if (setIntersection == null || !foundName) { setIntersection = new PermissionSet(PermissionState.None); } else { setIntersection = new NamedPermissionSet(name, setIntersection); } return setIntersection; #else // this functionality is not available on Mono (AddHostEvidence is undefined), use dynamic to resolve it at runtime dynamic e = new Evidence(); e.AddHostEvidence(new Zone(SecurityZone.Internet)); return SecurityManager.GetStandardSandbox((Evidence)e); #endif }
public override PolicyStatement Resolve (Evidence evidence) { if (null == evidence) throw new ArgumentNullException("evidence"); if (!MembershipCondition.Check (evidence)) return null; PermissionSet ps = null; if (this.PolicyStatement == null) ps = new PermissionSet (PermissionState.None); else ps = this.PolicyStatement.PermissionSet.Copy (); if (this.Children.Count > 0) { foreach (CodeGroup child_cg in this.Children) { PolicyStatement child_pst = child_cg.Resolve (evidence); if (child_pst != null) { ps = ps.Union (child_pst.PermissionSet); } } } PolicyStatement pst = null; if (this.PolicyStatement != null) pst = this.PolicyStatement.Copy (); else pst = PolicyStatement.Empty (); pst.PermissionSet = ps; return pst; }
public static AppDomain SandboxCreator() { CheckMono(); #if RAZOR4 Assert.Ignore("IsolatedRazorEngineServiceTestFixture is not tested with razor 4 as it is not signed!"); #endif #if MONO // Mono has no AddHostEvidence or GetHostEvidence. // We do not run the tests anyway. return null; #else Evidence ev = new Evidence(); ev.AddHostEvidence(new Zone(SecurityZone.Internet)); PermissionSet permSet = SecurityManager.GetStandardSandbox(ev); // We have to load ourself with full trust StrongName razorEngineAssembly = typeof(RazorEngineService).Assembly.Evidence.GetHostEvidence<StrongName>(); // We have to load Razor with full trust (so all methods are SecurityCritical) // This is because we apply AllowPartiallyTrustedCallers to RazorEngine, because // We need the untrusted (transparent) code to be able to inherit TemplateBase. // Because in the normal environment/appdomain we run as full trust and the Razor assembly has no security attributes // it will be completely SecurityCritical. // This means we have to mark a lot of our members SecurityCritical (which is fine). // However in the sandbox domain we have partial trust and because razor has no Security attributes that means the // code will be transparent (this is where we get a lot of exceptions, because we now have different security attributes) // To work around this we give Razor full trust in the sandbox as well. StrongName razorAssembly = typeof(RazorTemplateEngine).Assembly.Evidence.GetHostEvidence<StrongName>(); // We trust ourself as well StrongName testAssembly = typeof(IsolatedRazorEngineServiceTestFixture).Assembly.Evidence.GetHostEvidence<StrongName>(); AppDomainSetup adSetup = new AppDomainSetup(); adSetup.ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase; AppDomain newDomain = AppDomain.CreateDomain("Sandbox", null, adSetup, permSet, razorEngineAssembly, razorAssembly, testAssembly); return newDomain; #endif }
public override PolicyStatement Resolve(Evidence evidence) { if (evidence == null) throw new ArgumentNullException("evidence"); if (this.MembershipCondition.Check(evidence)) { PolicyStatement thisPolicy = CalculateAssemblyPolicy(evidence); IEnumerator enumerator = this.Children.GetEnumerator(); while (enumerator.MoveNext()) { PolicyStatement childPolicy = ((CodeGroup)enumerator.Current).Resolve(evidence); if (childPolicy != null) { if (((thisPolicy.Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive) throw new PolicyException(Environment.GetResourceString("Policy_MultipleExclusive")); thisPolicy.GetPermissionSetNoCopy().InplaceUnion(childPolicy.GetPermissionSetNoCopy()); thisPolicy.Attributes = thisPolicy.Attributes | childPolicy.Attributes; } } return thisPolicy; } else { return null; } }
// Methods public bool Check (Evidence evidence) { if (evidence == null) return false; string codebase = Assembly.GetCallingAssembly ().CodeBase; Uri local = new Uri (codebase); Url ucode = new Url (codebase); // *both* ApplicationDirectory and Url must be in *Host* evidences bool adir = false; bool url = false; IEnumerator e = evidence.GetHostEnumerator (); while (e.MoveNext ()) { object o = e.Current; if (!adir && (o is ApplicationDirectory)) { ApplicationDirectory ad = (o as ApplicationDirectory); string s = ad.Directory; adir = (String.Compare (s, 0, local.ToString (), 0, s.Length, true, CultureInfo.InvariantCulture) == 0); } else if (!url && (o is Url)) { url = ucode.Equals (o); } // got both ? if (adir && url) return true; } return false; }
internal BaseVsaEngine(string language, string version, bool supportDebug) { this.scriptLanguage = language; this.assemblyVersion = version; this.isDebugInfoSupported = supportDebug; this.executionEvidence = null; }
/// <summary> /// Starts this instance. /// </summary> /// <exception cref="System.InvalidOperationException">Job already started.</exception> public static void Start() { if (_job != null) throw new InvalidOperationException("Job already started."); var evidence = new Evidence(AppDomain.CurrentDomain.Evidence); var setup = new AppDomainSetup { ApplicationBase = AppDomain.CurrentDomain.SetupInformation.ApplicationBase, ShadowCopyFiles = "false" }; _appDomain = AppDomain.CreateDomain("eSync-" + Guid.NewGuid(), evidence, setup); try { var assembly = _appDomain.Load(typeof(SyncServiceJob).Assembly.GetName()); var jobTypeName = typeof(SyncServiceJob).FullName; _job = (IJob)_appDomain.CreateInstanceAndUnwrap(assembly.FullName, jobTypeName); _job.Start(); } catch { _job = null; AppDomain.Unload(_appDomain); _appDomain = null; throw; } }
static void Main(string[] args) { object[] hostEvidence = { new Zone(SecurityZone.MyComputer) }; Evidence internetEvidence = new Evidence(hostEvidence, null); AppDomain myDomain = AppDomain.CreateDomain("MyDomain"); myDomain.ExecuteAssembly("SecondAssembly.exe", internetEvidence); AppDomainSetup setup = new AppDomainSetup(); Console.WriteLine(setup.ToString()); Console.WriteLine(typeof(object)); objectArrayTest(new object[] { "Hello", "World"}); AppDomainSetup ads = new AppDomainSetup(); ads.ApplicationBase = "file://" + Environment.CurrentDirectory; ads.DisallowBindingRedirects = false; ads.DisallowCodeDownload = true; ads.ConfigurationFile = AppDomain.CurrentDomain.SetupInformation.ConfigurationFile; AppDomain b = AppDomain.CreateDomain("New Domain", null, ads); ads = AppDomain.CurrentDomain.SetupInformation; Console.WriteLine("ApplicationBase: " + ads.ApplicationBase); Console.WriteLine("ApplicationName: " + ads.ApplicationName); Console.WriteLine("DisallowCodeDownload: " + ads.DisallowCodeDownload); Console.WriteLine("DisallowBindingRedirects: " + ads.DisallowBindingRedirects); }
public static Evidence CreateEvidenceForUrl(string securityUrl) { #if !DISABLE_CAS_USE Evidence evidence = new Evidence(); if (securityUrl != null && securityUrl.Length > 0) { evidence.AddHostEvidence(new Url(securityUrl)); evidence.AddHostEvidence(Zone.CreateFromUrl(securityUrl)); Uri uri = new Uri(securityUrl, UriKind.RelativeOrAbsolute); if (uri.IsAbsoluteUri && !uri.IsFile) { evidence.AddHostEvidence(Site.CreateFromUrl(securityUrl)); } // Allow same directory access for UNCs (SQLBUDT 394535) if (uri.IsAbsoluteUri && uri.IsUnc) { string uncDir = System.IO.Path.GetDirectoryName(uri.LocalPath); if (uncDir != null && uncDir.Length != 0) { evidence.AddHostEvidence(new UncDirectory(uncDir)); } } } return evidence; #else return null; #endif }
public RemoteDebugger() { // Create a new debugger session mSessionId = Guid.NewGuid().ToString(); Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence); AppDomainSetup appDomainSetup = AppDomain.CurrentDomain.SetupInformation; mAppDomain = AppDomain.CreateDomain(String.Format("Debugger-{0}", mSessionId), evidence, appDomainSetup); /* Type assemblyLoaderType = typeof(AssemblyLoader); AssemblyLoader loader = mAppDomain.CreateInstanceAndUnwrap(assemblyLoaderType.Assembly.GetName().Name, assemblyLoaderType.FullName) as AssemblyLoader; foreach (String assemblyPath in Directory.GetFiles(DebuggerConfig.ApplicationPath, "Tridion*.dll")) { loader.LoadAssembly(assemblyPath); } */ Type debuggerHostType = typeof(DebugEngineServer); mDebuggerHost = mAppDomain.CreateInstanceAndUnwrap( debuggerHostType.Assembly.GetName().Name, debuggerHostType.FullName, true, BindingFlags.Default, null, new Object[] { mSessionId }, null, null) as DebugEngineServer; }
/// <summary> /// Creates a new child domain and copies the evidence from a parent domain. /// </summary> /// <param name="parentDomain">The parent domain.</param> /// <returns>The new child domain.</returns> /// <remarks> /// Grabs the <paramref name="parentDomain"/> evidence and uses it to construct the new /// <see cref="AppDomain"/> because in a ClickOnce execution environment, creating an /// <see cref="AppDomain"/> will by default pick up the partial trust environment of /// the AppLaunch.exe, which was the root executable. The AppLaunch.exe does a /// create domain and applies the evidence from the ClickOnce manifests to /// create the domain that the application is actually executing in. This will /// need to be Full Trust for Composite Application Library applications. /// </remarks> public static AppDomain BuildChildDomain(AppDomain parentDomain) { if (parentDomain == null) throw new ArgumentNullException("parentDomain"); var evidence = new Evidence(parentDomain.Evidence); AppDomainSetup setup = parentDomain.SetupInformation; return AppDomain.CreateDomain("DiscoveryRegion", evidence, setup); }
private Result compile(Input input) { Compiler compiler; Result r; System.AppDomain unitDomain = null; try { Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence); AppDomainSetup setup = AppDomain.CurrentDomain.SetupInformation; unitDomain = AppDomain.CreateDomain("uTestDomain", evidence, setup); Type type = typeof(Compiler); compiler = (Compiler)unitDomain.CreateInstanceFrom( type.Assembly.Location, type.FullName).Unwrap(); foreach (string s in GetAssemblies(Assembly.GetExecutingAssembly())) { compiler.LoadAssembly(s); } r = compiler.Compile(input); } finally { if (unitDomain != null) System.AppDomain.Unload(unitDomain); } return r; }
protected static ObjectHandle CreateInstanceHelper (AppDomainSetup adSetup) { if (adSetup == null) throw new ArgumentNullException ("adSetup"); if (adSetup.ActivationArguments == null) { string msg = Locale.GetText ("{0} is missing it's {1} property"); throw new ArgumentException (String.Format (msg, "AppDomainSetup", "ActivationArguments"), "adSetup"); } HostSecurityManager hsm = null; if (AppDomain.CurrentDomain.DomainManager != null) hsm = AppDomain.CurrentDomain.DomainManager.HostSecurityManager; else hsm = new HostSecurityManager (); // default Evidence applicationEvidence = new Evidence (); applicationEvidence.AddHost (adSetup.ActivationArguments); TrustManagerContext context = new TrustManagerContext (); ApplicationTrust trust = hsm.DetermineApplicationTrust (applicationEvidence, null, context); if (!trust.IsApplicationTrustedToRun) { string msg = Locale.GetText ("Current policy doesn't allow execution of addin."); throw new PolicyException (msg); } // FIXME: we're missing the information from the manifest AppDomain ad = AppDomain.CreateDomain ("friendlyName", null, adSetup); return ad.CreateInstance ("assemblyName", "typeName", null); }
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence) { usedEvidence = null; if (evidence != null) { ApplicationDirectory hostEvidence = evidence.GetHostEvidence<ApplicationDirectory>(); Url url = evidence.GetHostEvidence<Url>(); if ((hostEvidence != null) && (url != null)) { string directory = hostEvidence.Directory; if ((directory != null) && (directory.Length > 1)) { if (directory[directory.Length - 1] == '/') { directory = directory + "*"; } else { directory = directory + "/*"; } URLString operand = new URLString(directory); if (url.GetURLString().IsSubsetOf(operand)) { usedEvidence = hostEvidence; return true; } } } } return false; }
public void Check () { ApplicationDirectoryMembershipCondition ad = new ApplicationDirectoryMembershipCondition (); Evidence e = null; Assert.IsFalse (ad.Check (e), "Check (null)"); e = new Evidence (); Assert.IsFalse (ad.Check (e), "Check (empty)"); e.AddHost (new Zone (SecurityZone.MyComputer)); Assert.IsFalse (ad.Check (e), "Check (zone)"); string codebase = Assembly.GetExecutingAssembly ().CodeBase; Url u = new Url (codebase); ApplicationDirectory adir = new ApplicationDirectory (codebase); e.AddHost (u); Assert.IsFalse (ad.Check (e), "Check (url-host)"); // not enough e.AddAssembly (adir); Assert.IsFalse (ad.Check (e), "Check (url-host+adir-assembly)"); e = new Evidence (); e.AddHost (adir); Assert.IsFalse (ad.Check (e), "Check (adir-host)"); // not enough e.AddAssembly (u); Assert.IsFalse (ad.Check (e), "Check (url-assembly+adir-host)"); e = new Evidence (); e.AddHost (u); e.AddHost (adir); Assert.IsTrue (ad.Check (e), "Check (url+adir host)"); // both!! }
public virtual ApplicationTrust DetermineApplicationTrust (Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context) { if (applicationEvidence == null) throw new ArgumentNullException ("applicationEvidence"); ActivationArguments aa = null; foreach (object o in applicationEvidence) { aa = (o as ActivationArguments); if (aa != null) break; } if (aa == null) { string msg = Locale.GetText ("No {0} found in {1}."); throw new ArgumentException (string.Format (msg, "ActivationArguments", "Evidence"), "applicationEvidence"); } if (aa.ActivationContext == null) { string msg = Locale.GetText ("No {0} found in {1}."); throw new ArgumentException (string.Format (msg, "ActivationContext", "ActivationArguments"), "applicationEvidence"); } // FIXME: this part is still untested (requires manifest support) if (ApplicationSecurityManager.DetermineApplicationTrust (aa.ActivationContext, context)) { if (aa.ApplicationIdentity == null) return new ApplicationTrust (); else return new ApplicationTrust (aa.ApplicationIdentity); } return null; }
public EvidenceBase GenerateEvidence(Type evidenceType) { if (!this.m_targetDomain.IsDefaultAppDomain()) { return AppDomain.GetDefaultDomain().GetHostEvidence(evidenceType); } if (this.m_entryPointEvidence == null) { Assembly entryAssembly = Assembly.GetEntryAssembly(); RuntimeAssembly assembly2 = entryAssembly as RuntimeAssembly; if (assembly2 != null) { this.m_entryPointEvidence = assembly2.EvidenceNoDemand.Clone(); } else if (entryAssembly != null) { this.m_entryPointEvidence = entryAssembly.Evidence; } } if (this.m_entryPointEvidence == null) { return null; } return this.m_entryPointEvidence.GetHostEvidence(evidenceType); }
/// <summary> /// Construct an application domain for running a test package /// </summary> /// <param name="package">The TestPackage to be run</param> public AppDomain CreateDomain( TestPackage package ) { AppDomainSetup setup = CreateAppDomainSetup(package); string domainName = "test-domain-" + package.Name; // Setup the Evidence Evidence evidence = new Evidence(AppDomain.CurrentDomain.Evidence); if (evidence.Count == 0) { Zone zone = new Zone(SecurityZone.MyComputer); evidence.AddHost(zone); Assembly assembly = Assembly.GetExecutingAssembly(); Url url = new Url(assembly.CodeBase); evidence.AddHost(url); Hash hash = new Hash(assembly); evidence.AddHost(hash); } log.Info("Creating AppDomain " + domainName); AppDomain runnerDomain = AppDomain.CreateDomain(domainName, evidence, setup); // Set PrincipalPolicy for the domain if called for in the settings if (_settingsService != null && _settingsService.GetSetting("Options.TestLoader.SetPrincipalPolicy", false)) { runnerDomain.SetPrincipalPolicy(_settingsService.GetSetting( "Options.TestLoader.PrincipalPolicy", PrincipalPolicy.UnauthenticatedPrincipal)); } return runnerDomain; }
public MSXslScript (XPathNavigator nav, Evidence evidence) { this.evidence = evidence; code = nav.Value; if (nav.MoveToFirstAttribute ()) { do { switch (nav.LocalName) { case "language": switch (nav.Value.ToLower (CultureInfo.InvariantCulture)) { case "jscript": case "javascript": language = ScriptingLanguage.JScript; break; case "vb": case "visualbasic": language = ScriptingLanguage.VisualBasic; break; case "c#": case "csharp": language = ScriptingLanguage.CSharp; break; default: throw new XsltException ("Invalid scripting language!", null); } break; case "implements-prefix": implementsPrefix = nav.Value; break; } } while (nav.MoveToNextAttribute ()); nav.MoveToParent (); } if (implementsPrefix == null) throw new XsltException ("need implements-prefix attr", null); }
public static Assembly LoadFile(string path, System.Security.Policy.Evidence securityEvidence) { if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) { throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit")); } new FileIOPermission(FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read, path).Demand(); return(RuntimeAssembly.nLoadFile(path, securityEvidence)); }
public static void Main()//Main_11_2_1 { //获取当前程序集的证据 System.Security.Policy.Evidence e = Assembly.GetExecutingAssembly().Evidence; //枚举程序集具有的所有证据 IEnumerator enumerator = e.GetHostEnumerator(); while (enumerator.MoveNext()) { Console.WriteLine(enumerator.Current); } }
public static Assembly Load(byte[] rawAssembly, byte[] rawSymbolStore, System.Security.Policy.Evidence securityEvidence) { if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) { Zone hostEvidence = securityEvidence.GetHostEvidence <Zone>(); if ((hostEvidence == null) || (hostEvidence.SecurityZone != SecurityZone.MyComputer)) { throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit")); } } StackCrawlMark lookForMyCaller = StackCrawlMark.LookForMyCaller; return(RuntimeAssembly.nLoadImage(rawAssembly, rawSymbolStore, securityEvidence, ref lookForMyCaller, false, SecurityContextSource.CurrentAssembly)); }
internal static RuntimeAssembly InternalLoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence, byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, bool forIntrospection, bool suppressSecurityChecks, ref StackCrawlMark stackMark) { if (assemblyFile == null) { throw new ArgumentNullException("assemblyFile"); } if ((securityEvidence != null) && !AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) { throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit")); } AssemblyName assemblyRef = new AssemblyName { CodeBase = assemblyFile }; assemblyRef.SetHashControl(hashValue, hashAlgorithm); return(InternalLoadAssemblyName(assemblyRef, securityEvidence, ref stackMark, forIntrospection, suppressSecurityChecks)); }
internal static RuntimeAssembly InternalLoad(string assemblyString, System.Security.Policy.Evidence assemblySecurity, ref StackCrawlMark stackMark, bool forIntrospection) { if (assemblyString == null) { throw new ArgumentNullException("assemblyString"); } if ((assemblyString.Length == 0) || (assemblyString[0] == '\0')) { throw new ArgumentException(Environment.GetResourceString("Format_StringZeroLength")); } AssemblyName assemblyRef = new AssemblyName(); RuntimeAssembly assembly = null; assemblyRef.Name = assemblyString; if (assemblyRef.nInit(out assembly, forIntrospection, true) == -2146234297) { return(assembly); } return(InternalLoadAssemblyName(assemblyRef, assemblySecurity, ref stackMark, forIntrospection, false)); }
internal static RuntimeAssembly LoadWithPartialNameInternal(AssemblyName an, System.Security.Policy.Evidence securityEvidence, ref StackCrawlMark stackMark) { if (securityEvidence != null) { if (!AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) { throw new NotSupportedException(Environment.GetResourceString("NotSupported_RequiresCasPolicyImplicit")); } new SecurityPermission(SecurityPermissionFlag.ControlEvidence).Demand(); } RuntimeAssembly assembly = null; try { assembly = nLoad(an, null, securityEvidence, null, ref stackMark, true, false, false); } catch (Exception exception) { if (exception.IsTransient) { throw exception; } if (IsUserError(exception)) { throw; } if (IsSimplyNamed(an)) { return(null); } AssemblyName assemblyRef = EnumerateCache(an); if (assemblyRef != null) { return(InternalLoadAssemblyName(assemblyRef, securityEvidence, ref stackMark, false, false)); } } return(assembly); }
private static ObjectHandle CreateInstanceFromInternal(String assemblyFile, String typeName, bool ignoreCase, Reflection.BindingFlags bindingAttr, Reflection.Binder binder, Object[] args, Globalization.CultureInfo culture, Object[] activationAttributes, Security.Policy.Evidence securityInfo) { #if FEATURE_CAS_POLICY Contract.Assert(AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled || securityInfo == null); #endif // FEATURE_CAS_POLICY #pragma warning disable 618 Reflection.Assembly assembly = Reflection.Assembly.LoadFrom(assemblyFile); //, securityInfo); #pragma warning restore 618 Type t = assembly.GetType(typeName, true, ignoreCase); Object o = Activator.CreateInstance(t, bindingAttr, binder, args, culture, activationAttributes); // Log(o != null, "CreateInstanceFrom:: ", "Created Instance of class " + typeName, "Failed to create instance of class " + typeName); if (o == null) { return(null); } else { ObjectHandle Handle = new ObjectHandle(o); return(Handle); } }
public bool Check(Evidence evidence) { object usedEvidence = null; return((this as IReportMatchMembershipCondition).Check(evidence, out usedEvidence)); }
public static Assembly LoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence) { return(default(Assembly)); }
public static Assembly LoadFrom(string assemblyFile, System.Security.Policy.Evidence securityEvidence, Byte[] hashValue, System.Configuration.Assemblies.AssemblyHashAlgorithm hashAlgorithm) { return(default(Assembly)); }
public static Assembly Load(string assemblyString, System.Security.Policy.Evidence assemblySecurity) { return(default(Assembly)); }
public static PermissionSet ResolveSystemPolicy(System.Security.Policy.Evidence evidence) { return(default(PermissionSet)); }
/// <summary>Creates an identity permission that corresponds to the current <see cref="T:System.Security.Policy.Site" />.</summary> /// <returns>A <see cref="T:System.Security.Permissions.SiteIdentityPermission" /> for the specified <see cref="T:System.Security.Policy.Site" />.</returns> /// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> from which to construct the identity permission. </param> public IPermission CreateIdentityPermission(Evidence evidence) { return(new SiteIdentityPermission(this.origin_site)); }
public PolicyStatement Resolve(Evidence !evidence) { CodeContract.Requires(evidence != null); return(default(PolicyStatement)); }
bool IReportMatchMembershipCondition.Check(Evidence evidence, out object usedEvidence) { usedEvidence = null; return(true); }
public IPermission CreateIdentityPermission(Evidence evidence) { return(new StrongNameIdentityPermission(m_publicKeyBlob, m_name, m_version)); }
// Implement the IIdentityPermissionFactory interface public IPermission CreateIdentityPermission(Evidence evidence) { return(new PublisherIdentityPermission(cert)); }
public void Merge(Evidence evidence) { }
public Evidence(Evidence evidence) { }
public IPermission CreateIdentityPermission(Evidence evidence) { return(default(IPermission)); }
/// <summary>Creates a new identity permission that corresponds to the current object.</summary> /// <returns>A new <see cref="T:System.Security.Permissions.GacIdentityPermission" />.</returns> /// <param name="evidence">The <see cref="T:System.Security.Policy.Evidence" /> from which to construct the identity permission. </param> public IPermission CreateIdentityPermission(Evidence evidence) { return(new GacIdentityPermission()); }
public IPermission CreateIdentityPermission(Evidence evidence) { return(new ZoneIdentityPermission(zone)); }
public static PermissionSet ResolvePolicy(System.Security.Policy.Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied) { denied = default(System.Security.PermissionSet); return(default(PermissionSet)); }
public CodeGroup ResolveMatchingCodeGroups(Evidence !evidence) { CodeContract.Requires(evidence != null); return(default(CodeGroup)); }
public static Assembly Load(AssemblyName assemblyRef, System.Security.Policy.Evidence assemblySecurity) { return(default(Assembly)); }
public static Assembly Load(Byte[] rawAssembly, Byte[] rawSymbolStore, System.Security.Policy.Evidence securityEvidence) { Contract.Ensures(Contract.Result <Assembly>() != null); return(default(Assembly)); }
public static IEnumerator ResolvePolicyGroups(System.Security.Policy.Evidence evidence) { return(default(IEnumerator)); }
protected override void ProcessRecord() { if (MyInvocation.InvocationName.ToLower() == "save-pnpprovisioninghierarchy") { WriteWarning("Save-PnPProvisioningHierarchy has been deprecated. Use Save-PnPTenantTemplate instead."); } // Determine the output file name and path string outFileName = Path.GetFileName(Out); if (!Path.IsPathRooted(Out)) { Out = Path.Combine(SessionState.Path.CurrentFileSystemLocation.Path, Out); } bool proceed = false; if (System.IO.File.Exists(Out)) { if (Force || ShouldContinue(string.Format(Properties.Resources.File0ExistsOverwrite, Out), Properties.Resources.Confirm)) { System.IO.File.Delete(Out); proceed = true; } } else { proceed = true; } string outPath = new FileInfo(Out).DirectoryName; // Determine if it is an .XML or a .PNP file var extension = ""; if (proceed && outFileName != null) { if (outFileName.IndexOf(".", StringComparison.Ordinal) > -1) { extension = outFileName.Substring(outFileName.LastIndexOf(".", StringComparison.Ordinal)).ToLower(); } else { extension = ".pnp"; } } var fileSystemConnector = new FileSystemConnector(outPath, ""); ITemplateFormatter formatter = XMLPnPSchemaFormatter.LatestFormatter; if (extension == ".pnp") { var useNewEvidence = false; try { var usfdAttempt1 = System.IO.IsolatedStorage.IsolatedStorageFile.GetUserStoreForDomain(); // this will fail when the current AppDomain Evidence is instantiated via COM or in PowerShell } catch (Exception e) { useNewEvidence = true; } if (useNewEvidence) { var replacementEvidence = new System.Security.Policy.Evidence(); replacementEvidence.AddHostEvidence(new System.Security.Policy.Zone(System.Security.SecurityZone.MyComputer)); var currentAppDomain = System.Threading.Thread.GetDomain(); var securityIdentityField = currentAppDomain.GetType().GetField("_SecurityIdentity", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic); securityIdentityField.SetValue(currentAppDomain, replacementEvidence); } var templateFileName = outFileName.Substring(0, outFileName.LastIndexOf(".", StringComparison.Ordinal)) + ".xml"; XMLTemplateProvider provider = new XMLOpenXMLTemplateProvider( Out, fileSystemConnector, templateFileName: templateFileName); WriteObject("Processing template"); provider.SaveAs(Template, templateFileName); ProcessFiles(Out, fileSystemConnector, provider.Connector); } else { XMLTemplateProvider provider = new XMLFileSystemTemplateProvider(outPath, ""); provider.SaveAs(Template, Out); } }
public static Assembly LoadWithPartialName(string partialName, System.Security.Policy.Evidence securityEvidence) { return(default(Assembly)); }