internal unsafe static void ReflectedLinkDemandInvoke(MethodBase mb) { RuntimeDeclSecurityActions runtimeDeclSecurityActions; RuntimeDeclSecurityActions runtimeDeclSecurityActions2; if (!SecurityManager.GetLinkDemandSecurity(mb, &runtimeDeclSecurityActions, &runtimeDeclSecurityActions2)) { return; } PermissionSet permissionSet = null; if (runtimeDeclSecurityActions.cas.size > 0) { permissionSet = SecurityManager.Decode(runtimeDeclSecurityActions.cas.blob, runtimeDeclSecurityActions.cas.size); } if (runtimeDeclSecurityActions.noncas.size > 0) { PermissionSet permissionSet2 = SecurityManager.Decode(runtimeDeclSecurityActions.noncas.blob, runtimeDeclSecurityActions.noncas.size); permissionSet = ((permissionSet != null) ? permissionSet.Union(permissionSet2) : permissionSet2); } if (runtimeDeclSecurityActions2.cas.size > 0) { PermissionSet permissionSet3 = SecurityManager.Decode(runtimeDeclSecurityActions2.cas.blob, runtimeDeclSecurityActions2.cas.size); permissionSet = ((permissionSet != null) ? permissionSet.Union(permissionSet3) : permissionSet3); } if (runtimeDeclSecurityActions2.noncas.size > 0) { PermissionSet permissionSet4 = SecurityManager.Decode(runtimeDeclSecurityActions2.noncas.blob, runtimeDeclSecurityActions2.noncas.size); permissionSet = ((permissionSet != null) ? permissionSet.Union(permissionSet4) : permissionSet4); } if (permissionSet != null) { permissionSet.Demand(); } }
public bool Build(X509Certificate2 certificate) { lock (this.m_syncRoot) { if ((certificate == null) || certificate.CertContext.IsInvalid) { throw new ArgumentException(SR.GetString("Cryptography_InvalidContextHandle"), "certificate"); } new StorePermission(StorePermissionFlags.EnumerateCertificates | StorePermissionFlags.OpenStore).Demand(); X509ChainPolicy chainPolicy = this.ChainPolicy; if ((chainPolicy.RevocationMode == X509RevocationMode.Online) && ((certificate.Extensions["2.5.29.31"] != null) || (certificate.Extensions["1.3.6.1.5.5.7.1.1"] != null))) { PermissionSet set = new PermissionSet(PermissionState.None); set.AddPermission(new WebPermission(PermissionState.Unrestricted)); set.AddPermission(new StorePermission(StorePermissionFlags.AddToStore)); set.Demand(); } this.Reset(); if (BuildChain(this.m_useMachineContext ? new IntPtr(1L) : new IntPtr(0L), certificate.CertContext, chainPolicy.ExtraStore, chainPolicy.ApplicationPolicy, chainPolicy.CertificatePolicy, chainPolicy.RevocationMode, chainPolicy.RevocationFlag, chainPolicy.VerificationTime, chainPolicy.UrlRetrievalTimeout, ref this.m_safeCertChainHandle) != 0) { return false; } this.Init(); CAPIBase.CERT_CHAIN_POLICY_PARA pPolicyPara = new CAPIBase.CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CAPIBase.CERT_CHAIN_POLICY_PARA))); CAPIBase.CERT_CHAIN_POLICY_STATUS pPolicyStatus = new CAPIBase.CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CAPIBase.CERT_CHAIN_POLICY_STATUS))); pPolicyPara.dwFlags = (uint) chainPolicy.VerificationFlags; if (!CAPISafe.CertVerifyCertificateChainPolicy(new IntPtr(1L), this.m_safeCertChainHandle, ref pPolicyPara, ref pPolicyStatus)) { throw new CryptographicException(Marshal.GetLastWin32Error()); } CAPISafe.SetLastError(pPolicyStatus.dwError); return (pPolicyStatus.dwError == 0); } }
public int Fill(DataSet dataSet, object ADODBRecordSet, string srcTable) { System.Security.PermissionSet permissionSet = new System.Security.PermissionSet(System.Security.Permissions.PermissionState.None); permissionSet.AddPermission(OleDbConnection.ExecutePermission); // MDAC 77737 permissionSet.AddPermission(new System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityPermissionFlag.UnmanagedCode)); permissionSet.Demand(); IntPtr hscp; Bid.ScopeEnter(out hscp, "<oledb.OleDbDataAdapter.Fill|API> %d#, dataSet, ADODBRecordSet, srcTable='%ls'\n", ObjectID, srcTable); try { if (null == dataSet) { throw ADP.ArgumentNull("dataSet"); } if (null == ADODBRecordSet) { throw ADP.ArgumentNull("adodb"); } if (ADP.IsEmpty(srcTable)) { throw ADP.FillRequiresSourceTableName("srcTable"); } // user was required to have UnmanagedCode Permission just to create ADODB // (new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)).Demand(); return(FillFromADODB((object)dataSet, ADODBRecordSet, srcTable, true)); } finally { Bid.ScopeLeave(ref hscp); } }
public void SetMethod() { ReflectionPermission rp = new ReflectionPermission(ReflectionPermissionFlag.AllFlags); IsolatedStorageFilePermission isp = new IsolatedStorageFilePermission(PermissionState.Unrestricted); System.Security.PermissionSet ps = new System.Security.PermissionSet(PermissionState.None); ps.AddPermission(rp); ps.AddPermission(isp); ps.Demand(); }
public void Demand() { // check all collection in a single stack walk PermissionSet superset = new PermissionSet(PermissionState.None); foreach (PermissionSet ps in _list) { foreach (IPermission p in ps) { superset.AddPermission(p); } } superset.Demand(); }
protected AppDomainHost(Type serviceType,AppDomain appDomain,PermissionSet permissions,Uri[] baseAddresses) { State = CommunicationState.Faulted; //Cannot grant service permissions the host does not have permissions.Demand(); string assemblyName = Assembly.GetAssembly(typeof(ServiceHostActivator)).FullName; m_ServiceHostActivator = appDomain.CreateInstanceAndUnwrap(assemblyName,typeof(ServiceHostActivator).ToString()) as ServiceHostActivator; appDomain.SetPermissionsSet(permissions); m_ServiceHostActivator.CreateHost(serviceType,baseAddresses); State = CommunicationState.Created; }
public void CanAllowConnectionAfterPermitOnlyPermission() { PermissionSet permissionset = new PermissionSet(PermissionState.None); MySqlClientPermission permission = new MySqlClientPermission(PermissionState.None); MySqlConnectionStringBuilder strConn = new MySqlConnectionStringBuilder(conn.ConnectionString); //// Allow connections only to specified database no additional optional parameters permission.Add("server=localhost;User Id=root;database=" + strConn.Database + ";port=" + strConn.Port + ";", "", KeyRestrictionBehavior.PreventUsage); permission.PermitOnly(); permissionset.AddPermission(permission); permissionset.Demand(); // this conection should be allowed MySqlConnection dummyconn = new MySqlConnection(); dummyconn.ConnectionString = "server=localhost;User Id=root;database=" + strConn.Database + ";port=" + strConn.Port + ";includesecurityasserts=true;"; dummyconn.Open(); if (dummyconn.State == ConnectionState.Open) dummyconn.Close(); }
// When using reflection LinkDemand are promoted to full Demand (i.e. stack walk) internal unsafe static void ReflectedLinkDemandInvoke(MethodBase mb) { RuntimeDeclSecurityActions klass; RuntimeDeclSecurityActions method; if (!GetLinkDemandSecurity(mb, &klass, &method)) { return; } PermissionSet ps = null; if (klass.cas.size > 0) { ps = Decode(klass.cas.blob, klass.cas.size); } if (klass.noncas.size > 0) { PermissionSet p = Decode(klass.noncas.blob, klass.noncas.size); ps = (ps == null) ? p : ps.Union(p); } if (method.cas.size > 0) { PermissionSet p = Decode(method.cas.blob, method.cas.size); ps = (ps == null) ? p : ps.Union(p); } if (method.noncas.size > 0) { PermissionSet p = Decode(method.noncas.blob, method.noncas.size); ps = (ps == null) ? p : ps.Union(p); } // in this case we union-ed the permission sets because we want to do // a single stack walk (not up to 4). if (ps != null) { ps.Demand(); } }
static void loadAssembly2() { Assembly assembly = Assembly.LoadFrom("assembly2.dll"); Console.WriteLine("Strong Name : " + assembly.GetName()); try { PermissionSet perr = new PermissionSet(PermissionState.None); perr.AddPermission(new FileIOPermission(PermissionState.Unrestricted)); perr.PermitOnly(); perr.Demand(); Assembly2.AssemblyClass2.openPage(); } catch (Exception ex) { Console.WriteLine(ex); } }
public int Fill(DataSet dataSet, object ADODBRecordSet, string srcTable) { int num; IntPtr ptr; PermissionSet set = new PermissionSet(PermissionState.None); set.AddPermission(OleDbConnection.ExecutePermission); set.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)); set.Demand(); Bid.ScopeEnter(out ptr, "<oledb.OleDbDataAdapter.Fill|API> %d#, dataSet, ADODBRecordSet, srcTable='%ls'\n", base.ObjectID, srcTable); try { if (dataSet == null) { throw ADP.ArgumentNull("dataSet"); } if (ADODBRecordSet == null) { throw ADP.ArgumentNull("adodb"); } if (ADP.IsEmpty(srcTable)) { throw ADP.FillRequiresSourceTableName("srcTable"); } num = this.FillFromADODB(dataSet, ADODBRecordSet, srcTable, true); } finally { Bid.ScopeLeave(ref ptr); } return num; }
/// <summary> /// Gets the service control permission. /// </summary> /// <param name="svc">The SVC.</param> /// <returns></returns> /// <exception cref="System.Security.SecurityException">when the permission cannot be acquired</exception> private PermissionSet GetServicePermission(ManagedService svc) { MyLogger.Trace("Entering {0} for service: {1}", MethodBase.GetCurrentMethod().Name, svc.ConsulServiceName); // Creates a permission set that allows no access to the resource. PermissionSet ps = new PermissionSet(System.Security.Permissions.PermissionState.None); // Sets the security permission flag to use for this permission set. ps.AddPermission(new System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityPermissionFlag.Assertion)); // Initializes a new instance of the System.ServiceProcess.ServiceControllerPermission class. ps.AddPermission(new ServiceControllerPermission(ServiceControllerPermissionAccess.Control, Environment.MachineName, svc.WindowsServiceName)); ps.Demand(); return ps; }
public bool Build(X509Certificate2 certificate) { if (certificate == null) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("certificate"); if (certificate.Handle == IntPtr.Zero) throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgument("certificate", SR.GetString(SR.ArgumentInvalidCertificate)); SafeCertChainHandle safeCertChainHandle = SafeCertChainHandle.InvalidHandle; X509ChainPolicy chainPolicy = this.ChainPolicy; chainPolicy.VerificationTime = DateTime.Now; if (chainPolicy.RevocationMode == X509RevocationMode.Online) { if (certificate.Extensions[CAPI.szOID_CRL_DIST_POINTS] != null || certificate.Extensions[CAPI.szOID_AUTHORITY_INFO_ACCESS] != null) { // If there is a CDP or AIA extension, we demand unrestricted network access and store add permission // since CAPI can download certificates into the CA store from the network. PermissionSet ps = new PermissionSet(PermissionState.None); ps.AddPermission(new WebPermission(PermissionState.Unrestricted)); ps.AddPermission(new StorePermission(StorePermissionFlags.AddToStore)); ps.Demand(); } } BuildChain(this.useMachineContext ? new IntPtr(CAPI.HCCE_LOCAL_MACHINE) : new IntPtr(CAPI.HCCE_CURRENT_USER), certificate.Handle, chainPolicy.ExtraStore, chainPolicy.ApplicationPolicy, chainPolicy.CertificatePolicy, chainPolicy.RevocationMode, chainPolicy.RevocationFlag, chainPolicy.VerificationTime, chainPolicy.UrlRetrievalTimeout, out safeCertChainHandle); // Verify the chain using the specified policy. CAPI.CERT_CHAIN_POLICY_PARA PolicyPara = new CAPI.CERT_CHAIN_POLICY_PARA(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_POLICY_PARA))); CAPI.CERT_CHAIN_POLICY_STATUS PolicyStatus = new CAPI.CERT_CHAIN_POLICY_STATUS(Marshal.SizeOf(typeof(CAPI.CERT_CHAIN_POLICY_STATUS))); // Ignore peertrust. Peer trust caused the chain to succeed out-of-the-box in Vista. // This new flag is only available in Vista. PolicyPara.dwFlags = (uint)chainPolicy.VerificationFlags | CAPI.CERT_CHAIN_POLICY_IGNORE_PEER_TRUST_FLAG; if (!CAPI.CertVerifyCertificateChainPolicy(new IntPtr(this.chainPolicyOID), safeCertChainHandle, ref PolicyPara, ref PolicyStatus)) { int error = Marshal.GetLastWin32Error(); throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new CryptographicException(error)); } if (PolicyStatus.dwError != CAPI.S_OK) { int error = (int)PolicyStatus.dwError; throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new SecurityTokenValidationException(SR.GetString(SR.X509ChainBuildFail, SecurityUtils.GetCertificateId(certificate), new CryptographicException(error).Message))); } return true; }
public void Demand () { // check all collection in a single stack walk PermissionSet superset = new PermissionSet (PermissionState.None); foreach (PermissionSet ps in _list) { foreach (IPermission p in ps) { superset.AddPermission (p); } } superset.Demand (); }
// internal - get called by JIT generated code private static void InternalDemand(IntPtr permissions, int length) { PermissionSet ps = Decode(permissions, length); ps.Demand(); }
public static void PermissionSetDemo() { Console.WriteLine("Executing Permission Set Demo"); try { // Open a permission set. PermissionSet ps1 = new PermissionSet(PermissionState.None); Console.WriteLine("Adding permission to open a file from a file dialog box."); // Add a permission to the permission set. ps1.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Open)); Console.WriteLine("Demanding Permission to open a file."); ps1.Demand(); Console.WriteLine("Demand succeeded."); Console.WriteLine("Adding permission to save a file from a file dialog box."); ps1.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Save)); Console.WriteLine("Demanding permission to open and save a file."); ps1.Demand(); Console.WriteLine("Demand succeeded."); Console.WriteLine("Adding a permission to read environment variable USERNAME."); ps1.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME")); ps1.Demand(); Console.WriteLine("Demand succeeded."); Console.WriteLine("Adding permission to read environment variable COMPUTERNAME."); ps1.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME")); // Demand all the permissions in the set. Console.WriteLine("Demand all permissions."); ps1.Demand(); Console.WriteLine("Demand succeeded."); // Display the number of permissions in the set. Console.WriteLine("Number of permissions = " + ps1.Count); // Display the value of the IsSynchronized property. Console.WriteLine("IsSynchronized property = " + ps1.IsSynchronized); // Display the value of the IsReadOnly property. Console.WriteLine("IsReadOnly property = " + ps1.IsReadOnly); // Display the value of the SyncRoot property. Console.WriteLine("SyncRoot property = " + ps1.SyncRoot); // Display the result of a call to the ContainsNonCodeAccessPermissions method. // Gets a value indicating whether the PermissionSet contains permissions // that are not derived from CodeAccessPermission. // Returns true if the PermissionSet contains permissions that are not // derived from CodeAccessPermission; otherwise, false. Console.WriteLine("ContainsNonCodeAccessPermissions method returned " + ps1.ContainsNonCodeAccessPermissions()); Console.WriteLine("Value of the permission set ToString = \n" + ps1.ToString()); PermissionSet ps2 = new PermissionSet(PermissionState.None); // Create a second permission set and compare it to the first permission set. ps2.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME")); ps2.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME")); Console.WriteLine("Permission set 2 = " + ps2); IEnumerator list = ps1.GetEnumerator(); Console.WriteLine("Permissions in first permission set:"); foreach (var permission in ps1) Console.WriteLine(permission.ToString()); Console.WriteLine("Second permission IsSubSetOf first permission = " + ps2.IsSubsetOf(ps1)); // Display the intersection of two permission sets. PermissionSet ps3 = ps2.Intersect(ps1); Console.WriteLine("The intersection of the first permission set and the second permission set = " + ps3.ToString()); // Create a new permission set. PermissionSet ps4 = new PermissionSet(PermissionState.None); ps4.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, "C:\\Temp\\Testfile.txt")); ps4.AddPermission(new FileIOPermission(FileIOPermissionAccess.Write | FileIOPermissionAccess.Append, "C:\\Temp\\Testfile.txt")); // Display the union of two permission sets. PermissionSet ps5 = ps3.Union(ps4); Console.WriteLine("The union of permission set 3 and permission set 4 = " + ps5.ToString()); // Remove FileIOPermission from the permission set. ps5.RemovePermission(typeof(FileIOPermission)); Console.WriteLine("The last permission set after removing FileIOPermission = " + ps5.ToString()); // Change the permission set using SetPermission ps5.SetPermission(new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME")); Console.WriteLine("Permission set after SetPermission = " + ps5.ToString()); // Display result of ToXml and FromXml operations. PermissionSet ps6 = new PermissionSet(PermissionState.None); ps6.FromXml(ps5.ToXml()); Console.WriteLine("Result of ToFromXml = " + ps6.ToString() + "\n"); // Display result of PermissionSet.GetEnumerator. IEnumerator psEnumerator = ps1.GetEnumerator(); while (psEnumerator.MoveNext()) { Console.WriteLine(psEnumerator.Current.ToString()); } // Check for an unrestricted permission set. PermissionSet ps7 = new PermissionSet(PermissionState.Unrestricted); Console.WriteLine("Permission set is unrestricted = " + ps7.IsUnrestricted()); // Create and display a copy of a permission set. ps7 = ps5.Copy(); Console.WriteLine("Result of copy = " + ps7.ToString()); } catch (Exception e) { Console.WriteLine(e.Message.ToString()); } }
/// <summary> /// The main. /// </summary> private void main() { Console.WriteLine("=======ClueBuddy======="); try { var savingPermissions = new PermissionSet(null); savingPermissions.AddPermission(new FileDialogPermission(FileDialogPermissionAccess.Save)); savingPermissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter)); savingPermissions.AddPermission(new ReflectionPermission(ReflectionPermissionFlag.MemberAccess)); // briefly demand these permissions to detect whether we'll succeed later savingPermissions.Demand(); } catch (SecurityException) { ConsoleHelper.WriteColor(ConsoleColor.Red, "WARNING: insufficient permissions to save games."); } while (true) { try { if (this.game != null && this.game.AreCluesConflicted) { this.ResolveConflicts(); } var mainMenu = new Dictionary<char, string>(); mainMenu.Add('L', "Load game"); mainMenu.Add('N', "New game"); if (this.game != null) { mainMenu.Add('S', "Save game"); mainMenu.Add('T', "Play a Turn"); mainMenu.Add('G', "See Grid"); mainMenu.Add('C', "List Clues"); mainMenu.Add('F', "Force enter a clue"); } mainMenu.Add('Q', "Quit"); switch (ConsoleHelper.Choose("Main menu:", mainMenu, s => s).Key) { case 'L': this.LoadGame(); break; case 'N': this.ChooseGame(); if (this.game == null) break; this.SetupPlayers(); this.game.Start(); this.prepareNewOrLoadedGameState(); this.LearnOwnHand(); break; case 'S': this.SaveGame(); break; case 'T': this.TakeTurn(); break; case 'F': this.ForceClue(); break; case 'G': this.PrintGrid(); break; case 'C': this.ListClues(); break; case 'Q': return; } } catch (SecurityException ex) { Console.Error.WriteLine("Insufficient permissions: {0}.", ex.Demanded); } catch (Exception e) { if (e is OutOfMemoryException || e is StackOverflowException) throw; if (ConsoleHelper.Choose(string.Format("An {0} exception was thrown: {1}.{2}Do you want to try to continue the game?", e.GetType().Name, e.Message, Environment.NewLine), false, new[] { "Yes", "No" }) == 1) throw; } } }
public static void Log3(string text) { PermissionSet p = new PermissionSet(PermissionState.Unrestricted); p.Demand(); }
/// <summary> /// Check security permissions /// </summary> public static bool CheckSecurity() { try { PermissionSet set = new PermissionSet(PermissionState.Unrestricted); set.Demand(); } catch { return false; } return true; }
private static void SendKeyboardInput(Key key, bool press) { PermissionSet permissions = new PermissionSet(PermissionState.Unrestricted); permissions.Demand(); NativeMethods.INPUT ki = new NativeMethods.INPUT(); ki.type = NativeMethods.InputKeyboard; ki.union.keyboardInput.wVk = (short)KeyInterop.VirtualKeyFromKey(key); ki.union.keyboardInput.wScan = (short)NativeMethods.MapVirtualKey(ki.union.keyboardInput.wVk, 0); int dwFlags = 0; if (ki.union.keyboardInput.wScan > 0) { dwFlags |= NativeMethods.KeyeventfScancode; } if (!press) { dwFlags |= NativeMethods.KeyeventfKeyup; } ki.union.keyboardInput.dwFlags = dwFlags; ki.union.keyboardInput.time = 0; ki.union.keyboardInput.dwExtraInfo = new IntPtr(0); if (NativeMethods.SendInput(1, ref ki, Marshal.SizeOf(ki)) == 0) { throw new Win32Exception(Marshal.GetLastWin32Error()); } }
/// <summary> /// Initializes the permissions manager with the permissions required by an install script. /// </summary> internal static void Init() { #if TRACE Trace.WriteLine(""); Trace.WriteLine("Setting up File IO Permissions for: "); Trace.Indent(); Trace.Write(" FOMM tmp Dir: "); Trace.WriteLine(Program.tmpPath); Trace.Write(" Install Info Dir: "); Trace.WriteLine(Program.GameMode.InstallInfoDirectory); Trace.Write(" System tmp Dir: "); Trace.WriteLine(Path.GetTempPath()); Directory.GetAccessControl(Path.GetTempPath()); Trace.WriteLine(" Settings Files: "); Trace.Indent(); foreach (string strValue in Program.GameMode.SettingsFiles.Values) Trace.WriteLine(strValue); Trace.Unindent(); Trace.WriteLine(" Other Paths: "); Trace.Indent(); foreach (string strValue in Program.GameMode.AdditionalPaths.Values) Trace.WriteLine(strValue); Trace.Unindent(); Trace.Unindent(); Trace.Flush(); #endif permissions = new PermissionSet(PermissionState.None); //do the following paths need to add to this? // savesPath - fallout 3 FileIOPermission fipFilePermission = new FileIOPermission(FileIOPermissionAccess.AllAccess, new string[] { Program.tmpPath, Path.GetTempPath(), Program.GameMode.InstallInfoDirectory, Program.GameMode.PluginsPath }); List<string> lstPaths = new List<string>(Program.GameMode.SettingsFiles.Values); lstPaths.AddRange(Program.GameMode.AdditionalPaths.Values); fipFilePermission.AddPathList(FileIOPermissionAccess.AllAccess, lstPaths.ToArray()); fipFilePermission.AddPathList(FileIOPermissionAccess.Read, Environment.CurrentDirectory); permissions.AddPermission(fipFilePermission); permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)); permissions.AddPermission(new UIPermission(UIPermissionWindow.AllWindows)); #if TRACE Trace.Write("Demanding access to System tmp Dir..."); try { permissions.Demand(); Trace.WriteLine("Succeeded."); } catch (Exception e) { Trace.WriteLine("Failed:"); Program.TraceException(e); } Trace.WriteLine(" System tmp Dir Permissions:"); Trace.Indent(); DirectorySecurity drsPermissions = Directory.GetAccessControl(Path.GetTempPath()); Dictionary<string, List<FileSystemRights>> dicRights = new Dictionary<string, List<FileSystemRights>>(); foreach (FileSystemAccessRule fsrRule in drsPermissions.GetAccessRules(true, true, typeof(NTAccount))) { if (!dicRights.ContainsKey(fsrRule.IdentityReference.Value)) dicRights[fsrRule.IdentityReference.Value] = new List<FileSystemRights>(); dicRights[fsrRule.IdentityReference.Value].Add(fsrRule.FileSystemRights); } foreach (KeyValuePair<string, List<FileSystemRights>> kvpRight in dicRights) { Trace.WriteLine(kvpRight.Key + " =>"); Trace.Indent(); foreach (FileSystemRights fsrRight in kvpRight.Value) Trace.WriteLine(fsrRight.ToString()); Trace.Unindent(); } Trace.Unindent(); Trace.Write("Testing access to System tmp Dir..."); try { File.WriteAllText(Path.Combine(Path.GetTempPath(), "testFile.txt"), "This is fun."); Trace.WriteLine("Passed: " + File.ReadAllText(Path.Combine(Path.GetTempPath(), "testFile.txt"))); File.Delete(Path.Combine(Path.GetTempPath(), "testFile.txt")); } catch (Exception e) { Trace.WriteLine("Failed: "); Program.TraceException(e); } #endif }
private static void SendMouseInput(int x, int y, int data, NativeMethods.SendMouseInputFlags flags, bool delay = true) { PermissionSet permissions = new PermissionSet(PermissionState.Unrestricted); permissions.Demand(); int intflags = (int)flags; if ((intflags & (int)NativeMethods.SendMouseInputFlags.Absolute) != 0) { // Absolute position requires normalized coordinates. NormalizeCoordinates(ref x, ref y); intflags |= NativeMethods.MouseeventfVirtualdesk; } NativeMethods.INPUT mi = new NativeMethods.INPUT(); mi.type = NativeMethods.InputMouse; mi.union.mouseInput.dx = x; mi.union.mouseInput.dy = y; mi.union.mouseInput.mouseData = data; mi.union.mouseInput.dwFlags = intflags; mi.union.mouseInput.time = 0; mi.union.mouseInput.dwExtraInfo = new IntPtr(0); if (NativeMethods.SendInput(1, ref mi, Marshal.SizeOf(mi)) == 0) { throw new Win32Exception(Marshal.GetLastWin32Error()); } if (delay) { System.Threading.Thread.Sleep(250); } }
public int Fill(DataTable dataTable, object ADODBRecordSet) { int num; IntPtr ptr; PermissionSet set = new PermissionSet(PermissionState.None); set.AddPermission(OleDbConnection.ExecutePermission); set.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)); set.Demand(); Bid.ScopeEnter(out ptr, "<oledb.OleDbDataAdapter.Fill|API> %d#, dataTable, ADODBRecordSet\n", base.ObjectID); try { if (dataTable == null) { throw ADP.ArgumentNull("dataTable"); } if (ADODBRecordSet == null) { throw ADP.ArgumentNull("adodb"); } num = this.FillFromADODB(dataTable, ADODBRecordSet, null, false); } finally { Bid.ScopeLeave(ref ptr); } return num; }
private static void SendKeyboardInput(Key key, bool press) { PermissionSet permissions = new PermissionSet(PermissionState.Unrestricted); permissions.Demand(); NativeMethods.INPUT ki = new NativeMethods.INPUT(); ki.type = NativeMethods.InputKeyboard; ki.union.keyboardInput.wVk = (short)KeyInterop.VirtualKeyFromKey(key); ki.union.keyboardInput.wScan = (short)NativeMethods.MapVirtualKey(ki.union.keyboardInput.wVk, 0); int dwFlags = 0; if (ki.union.keyboardInput.wScan > 0) { dwFlags |= NativeMethods.KeyeventfScancode; } if (!press) { dwFlags |= NativeMethods.KeyeventfKeyup; } ki.union.keyboardInput.dwFlags = dwFlags; if (ExtendedKeys.Contains(key)) { ki.union.keyboardInput.dwFlags |= NativeMethods.KeyeventfExtendedkey; } ki.union.keyboardInput.time = 0; ki.union.keyboardInput.dwExtraInfo = new IntPtr(0); if (NativeMethods.SendInput(1, ref ki, Marshal.SizeOf(ki)) == 0) { throw new Win32Exception(Marshal.GetLastWin32Error()); } //Pause briefly to ensure the keyboard event was processed System.Threading.Thread.Sleep(10); }
static void PromoteTransaction(Transaction transactionToPromote) { // TransactionInterop.GetDtcTransaction has a link demand for full trust. If we are not running in full trust, don't make the call. // If we are running in full trust, it is possible that we got invoked thru a cross AppDomain call from a partially trusted // AppDomain. So extend the demand for full trust to a full demand. if ((PartialTrustHelpers.AppDomainFullyTrusted) && (transactionToPromote != null)) { PermissionSet ps = new PermissionSet(PermissionState.Unrestricted); ps.Demand(); TransactionInterop.GetDtcTransaction(transactionToPromote); } }
public int Fill(DataSet dataSet, object ADODBRecordSet, string srcTable) { System.Security.PermissionSet permissionSet = new System.Security.PermissionSet(System.Security.Permissions.PermissionState.None); permissionSet.AddPermission(OleDbConnection.ExecutePermission); // MDAC 77737 permissionSet.AddPermission(new System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityPermissionFlag.UnmanagedCode)); permissionSet.Demand(); IntPtr hscp; Bid.ScopeEnter(out hscp, "<oledb.OleDbDataAdapter.Fill|API> %d#, dataSet, ADODBRecordSet, srcTable='%ls'\n", ObjectID, srcTable); try { if (null == dataSet) { throw ADP.ArgumentNull("dataSet"); } if (null == ADODBRecordSet) { throw ADP.ArgumentNull("adodb"); } if (ADP.IsEmpty(srcTable)) { throw ADP.FillRequiresSourceTableName("srcTable"); } // user was required to have UnmanagedCode Permission just to create ADODB // (new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)).Demand(); return FillFromADODB((object)dataSet, ADODBRecordSet, srcTable, true); } finally { Bid.ScopeLeave(ref hscp); } }
private static void PerformMouseAction(int coord_x, int coord_y, int something, MouseInputFlags flags) { PermissionSet permissions = new PermissionSet(PermissionState.Unrestricted); permissions.Demand(); int intflags = (int)flags; if ((intflags & (int)MouseInputFlags.Absolute) != 0) { // Absolute position requires normalized coordinates. NormalizeCoordinates(ref coord_x, ref coord_y); intflags |= MouseeventfVirtualdesk; } INPUT mi = new INPUT(); mi.type = InputMouse; mi.union.mouseInput.dx = coord_x; mi.union.mouseInput.dy = coord_y; mi.union.mouseInput.mouseData = something; mi.union.mouseInput.dwFlags = intflags; mi.union.mouseInput.time = 0; mi.union.mouseInput.dwExtraInfo = new IntPtr(0); if (SendInput(1, ref mi, Marshal.SizeOf(mi)) == 0) { throw new Win32Exception(Marshal.GetLastWin32Error()); } }
private void EnlistDistributedTransactionHelper(ITransaction transaction) { PermissionSet set = new PermissionSet(PermissionState.None); set.AddPermission(ExecutePermission); set.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)); set.Demand(); Bid.Trace("<prov.DbConnectionHelper.EnlistDistributedTransactionHelper|RES|TRAN> %d#, Connection enlisting in a transaction.\n", this.ObjectID); System.Transactions.Transaction transactionFromDtcTransaction = null; if (transaction != null) { transactionFromDtcTransaction = TransactionInterop.GetTransactionFromDtcTransaction((IDtcTransaction) transaction); } this.InnerConnection.EnlistTransaction(transactionFromDtcTransaction); GC.KeepAlive(this); }
partial void AssertPermissions() { // Security Asserts can only be done when the assemblies // are put in the GAC as documented in // http://msdn.microsoft.com/en-us/library/ff648665.aspx if (this.Settings.IncludeSecurityAsserts) { PermissionSet set = new PermissionSet(PermissionState.None); set.AddPermission(new MySqlClientPermission(ConnectionString)); set.Demand(); MySqlSecurityPermission.CreatePermissionSet(true).Assert(); } }
private static void InternalDemand(IntPtr permissions, int length) { PermissionSet permissionSet = SecurityManager.Decode(permissions, length); permissionSet.Demand(); }
/// <summary> /// Creates a new app domain for plugins. /// </summary> /// <param name="pluginpath">The path to where plugins will be loaded from.</param> private static AppDomain CreatePluginDomain(string pluginpath) { // Setup plugin permissions PermissionSet permissions = new PermissionSet(PermissionState.None); permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution | SecurityPermissionFlag.UnmanagedCode | SecurityPermissionFlag.Infrastructure | SecurityPermissionFlag.RemotingConfiguration)); //permissions.AddPermission(new SecurityPermission(PermissionState.Unrestricted)); permissions.AddPermission(new FileIOPermission(PermissionState.Unrestricted)); permissions.AddPermission(new UIPermission(UIPermissionWindow.AllWindows)); permissions.AddPermission(new DnsPermission(PermissionState.Unrestricted)); permissions.AddPermission(new EnvironmentPermission(PermissionState.Unrestricted)); permissions.AddPermission(new SocketPermission(PermissionState.Unrestricted)); permissions.AddPermission(new WebPermission(PermissionState.Unrestricted)); permissions.Demand(); // Get the strong name for the deployer assembly so it can be fully trusted in the new domain. StrongName deployerEngineStrongName = GetStrongName(Assembly.GetExecutingAssembly()); // Create new appdomain with the specified permission set AppDomainSetup domaininfo = new AppDomainSetup(); domaininfo.ApplicationBase = AppDomain.CurrentDomain.BaseDirectory; domaininfo.PrivateBinPath = pluginpath; AppDomain appdomain = AppDomain.CreateDomain("Plugins", AppDomain.CurrentDomain.Evidence, domaininfo, permissions, deployerEngineStrongName); return appdomain; }