Code:
/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / PartialTrustHelpers.cs / 1 / PartialTrustHelpers.cs
//------------------------------------------------------------ // Copyright (c) Microsoft Corporation. All rights reserved. //----------------------------------------------------------- namespace System.ServiceModel { using System.Security; using System.Web; using System.Threading; using System.Diagnostics; using System.Reflection; using System.Security.Permissions; static class PartialTrustHelpers { ////// Critical - caches the PermissionSet associated with the asp.net trust level /// this will not change over the life of the AppDomain /// [SecurityCritical] static SecurityContext aspNetSecurityContext; ////// Critical - if erroneously set to true, could bypass the PermitOnly /// [SecurityCritical] static bool isInitialized; ////// RequiresReview - determines if the given PermissionSet is full trust /// we will base subsequent security decisions on this /// [SecurityRequiresReview] static bool IsFullTrust(PermissionSet perms) { return perms == null || perms.IsUnrestricted(); } internal static bool NeedPartialTrustInvoke { ////// Critical - makes a security sensitive decision, updates aspNetSecurityContext and isInitialized /// Safe - ok to know whether the ASP app is partial trust /// [SecurityCritical, SecurityTreatAsSafe] get { if (!isInitialized) { NamedPermissionSet aspNetPermissionSet = HttpRuntime.GetNamedPermissionSet(); if (!IsFullTrust(aspNetPermissionSet)) { try { aspNetPermissionSet.PermitOnly(); aspNetSecurityContext = CaptureSecurityContextNoIdentityFlow(); } finally { CodeAccessPermission.RevertPermitOnly(); } } isInitialized = true; } return aspNetSecurityContext != null; } } ////// Critical - captures security context with identity flow suppressed, this requires satisfying a LinkDemand for infrastructure /// [SecurityCritical] internal static SecurityContext CaptureSecurityContextNoIdentityFlow() { // capture the security context but never flow windows identity if (SecurityContext.IsWindowsIdentityFlowSuppressed()) { return SecurityContext.Capture(); } else { using (SecurityContext.SuppressFlowWindowsIdentity()) { return SecurityContext.Capture(); } } } ////// Critical - touches aspNetSecurityContext /// Safe - ok to invoke the user's delegate under the PT context /// [SecurityCritical, SecurityTreatAsSafe] internal static void PartialTrustInvoke(ContextCallback callback, object state) { if (NeedPartialTrustInvoke) { SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); } else { callback(state); } } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] internal static bool IsTypeAptca(Type type) { Assembly assembly = type.Assembly; return IsAssemblyAptca(assembly) || !IsAssemblySigned(assembly); } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static Type aptca; ////// Critical - used in a security-sensitive decision /// [SecurityCritical] static bool IsAssemblyAptca(Assembly assembly) { if (aptca == null) { aptca = typeof(AllowPartiallyTrustedCallersAttribute); } return assembly.GetCustomAttributes(aptca, false).Length > 0; } ////// Critical - used in a security-sensitive decision /// [SecurityCritical] [FileIOPermission(SecurityAction.Assert, Unrestricted=true)] static bool IsAssemblySigned(Assembly assembly) { byte[] publicKeyToken = assembly.GetName().GetPublicKeyToken(); return publicKeyToken != null & publicKeyToken.Length > 0; } } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ConfigurationStrings.cs
- SvcFileManager.cs
- RuleInfoComparer.cs
- RegexReplacement.cs
- ExpressionsCollectionConverter.cs
- DebuggerAttributes.cs
- PixelFormats.cs
- DbConnectionPoolGroupProviderInfo.cs
- Exceptions.cs
- SecurityResources.cs
- SetterBase.cs
- FontStyleConverter.cs
- X509CertificateTokenFactoryCredential.cs
- JsonEncodingStreamWrapper.cs
- OleCmdHelper.cs
- unitconverter.cs
- AlgoModule.cs
- MetadataArtifactLoaderResource.cs
- metadatamappinghashervisitor.cs
- _BasicClient.cs
- SQLInt16Storage.cs
- DirectoryObjectSecurity.cs
- Panel.cs
- ImageMap.cs
- ValueChangedEventManager.cs
- RunInstallerAttribute.cs
- ListBox.cs
- FrameworkContentElementAutomationPeer.cs
- AccessibilityHelperForXpWin2k3.cs
- UserMapPath.cs
- ComContractElement.cs
- StoragePropertyMapping.cs
- HtmlContainerControl.cs
- XmlC14NWriter.cs
- DataServiceRequestOfT.cs
- ExcCanonicalXml.cs
- XmlBaseReader.cs
- ToolStripRendererSwitcher.cs
- SrgsDocument.cs
- PassportAuthentication.cs
- TypeResolver.cs
- TableHeaderCell.cs
- RouteItem.cs
- SafeBitVector32.cs
- SQLBinaryStorage.cs
- Pkcs7Recipient.cs
- PropertyChangingEventArgs.cs
- rsa.cs
- FixedFlowMap.cs
- CollectionConverter.cs
- DataExpression.cs
- SmtpSpecifiedPickupDirectoryElement.cs
- DrawingImage.cs
- NavigationWindow.cs
- SqlWebEventProvider.cs
- DurableInstanceProvider.cs
- ObjectStorage.cs
- EmissiveMaterial.cs
- TextView.cs
- ServiceModelActivationSectionGroup.cs
- DesignTimeParseData.cs
- ObjectRef.cs
- RunInstallerAttribute.cs
- XmlSchemaCollection.cs
- DesignerResources.cs
- SymbolType.cs
- RecipientInfo.cs
- DesignTimeHTMLTextWriter.cs
- WebPart.cs
- ExtendedProtectionPolicyTypeConverter.cs
- _AutoWebProxyScriptHelper.cs
- FixedTextContainer.cs
- RelationshipType.cs
- CodeDelegateInvokeExpression.cs
- ListCollectionView.cs
- DiscoveryUtility.cs
- XmlTextReaderImpl.cs
- Propagator.ExtentPlaceholderCreator.cs
- TableRowCollection.cs
- ProjectionCamera.cs
- HttpChannelBindingToken.cs
- RuntimeConfigLKG.cs
- PolyQuadraticBezierSegmentFigureLogic.cs
- XsdValidatingReader.cs
- Cast.cs
- COM2Enum.cs
- ClusterRegistryConfigurationProvider.cs
- WebControlAdapter.cs
- KnownBoxes.cs
- PrintDialog.cs
- XmlElementCollection.cs
- AutomationEvent.cs
- DataSourceCache.cs
- Html32TextWriter.cs
- EntityViewGenerationAttribute.cs
- AttachmentCollection.cs
- FunctionDetailsReader.cs
- BooleanFunctions.cs
- Int32AnimationBase.cs
- PropertyKey.cs