Code:
/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / fx / src / Core / System / IO / Pipes / PipeSecurity.cs / 1305376 / PipeSecurity.cs
// ==++== // // Copyright (c) Microsoft Corporation. All rights reserved. // // ==--== /*============================================================ ** ** Class: PipeSecurity ** ** ** Purpose: Managed ACL wrapper for Pipes. ** ** ===========================================================*/ using System; using System.Collections; using System.Security.AccessControl; using System.Security.Permissions; using System.Security.Principal; using Microsoft.Win32; using Microsoft.Win32.SafeHandles; using System.Runtime.InteropServices; using System.IO; using System.Runtime.Versioning; namespace System.IO.Pipes { [Flags] public enum PipeAccessRights { // No None field - An ACE with the value 0 cannot grant nor deny. ReadData = 0x000001, WriteData = 0x000002, // Not that all client named pipes require ReadAttributes access even if the user does not specify it. // (This is because CreateFile slaps on the requirement before calling NTCreateFile (at least in WinXP SP2)). ReadAttributes = 0x000080, WriteAttributes = 0x000100, // These aren't really needed since there is no operation that requires this access, but they are left here // so that people can specify ACLs that others can open by specifying a PipeDirection rather than a // PipeAccessRights (PipeDirection.In/Out maps to GENERIC_READ/WRITE access). ReadExtendedAttributes = 0x000008, WriteExtendedAttributes = 0x000010, CreateNewInstance = 0x000004, // AppendData // Again, this is not needed but it should be here so that our FullControl matches windows. Delete = 0x010000, ReadPermissions = 0x020000, ChangePermissions = 0x040000, TakeOwnership = 0x080000, Synchronize = 0x100000, FullControl = ReadData | WriteData | ReadAttributes | ReadExtendedAttributes | WriteAttributes | WriteExtendedAttributes | CreateNewInstance | Delete | ReadPermissions | ChangePermissions | TakeOwnership | Synchronize, Read = ReadData | ReadAttributes | ReadExtendedAttributes | ReadPermissions, Write = WriteData | WriteAttributes | WriteExtendedAttributes, // | CreateNewInstance, For security, I really don't this CreateNewInstance belongs here. ReadWrite = Read | Write, // These are somewhat similar to what you get if you use PipeDirection: //In = ReadData | ReadAttributes | ReadExtendedAttributes | ReadPermissions, //Out = WriteData | WriteAttributes | WriteExtendedAttributes | ChangePermissions | CreateNewInstance | ReadAttributes, // NOTE: Not sure if ReadAttributes should really be here //InOut = In | Out, AccessSystemSecurity = 0x01000000, // Allow changes to SACL. } [System.Security.Permissions.HostProtection(MayLeakOnAbort = true)] public sealed class PipeAccessRule : AccessRule { #region Constructors // // Constructor for creating access rules for pipe objects // public PipeAccessRule( String identity, PipeAccessRights rights, AccessControlType type) : this( new NTAccount(identity), AccessMaskFromRights(rights, type), false, type) { } public PipeAccessRule( IdentityReference identity, PipeAccessRights rights, AccessControlType type) : this( identity, AccessMaskFromRights(rights, type), false, type) { } // // Internal constructor to be called by public constructors // and the access rights factory methods // internal PipeAccessRule( IdentityReference identity, int accessMask, bool isInherited, AccessControlType type) : base( identity, accessMask, isInherited, InheritanceFlags.None, // these do not apply to pipes PropagationFlags.None, // these do not apply to pipes type) { } #endregion #region Public properties public PipeAccessRights PipeAccessRights { get { return RightsFromAccessMask(base.AccessMask); } } #endregion #region Access mask to rights translation // ACL's on pipes have a SYNCHRONIZE bit, and CreateFile ALWAYS asks for it. // So for allows, let's always include this bit, and for denies, let's never // include this bit unless we're denying full control. This is the right // thing for users, even if it does make the model look asymmetrical from a // purist point of view. internal static int AccessMaskFromRights(PipeAccessRights rights, AccessControlType controlType) { if (rights < (PipeAccessRights)0 || rights > (PipeAccessRights.FullControl | PipeAccessRights.AccessSystemSecurity)) throw new ArgumentOutOfRangeException("rights", SR.GetString(SR.ArgumentOutOfRange_NeedValidPipeAccessRights)); if (controlType == AccessControlType.Allow) { rights |= PipeAccessRights.Synchronize; } else if (controlType == AccessControlType.Deny) { if (rights != PipeAccessRights.FullControl) { rights &= ~PipeAccessRights.Synchronize; } } return (int)rights; } internal static PipeAccessRights RightsFromAccessMask(int accessMask) { return (PipeAccessRights)accessMask; } #endregion } [System.Security.Permissions.HostProtection(MayLeakOnAbort = true)] public sealed class PipeAuditRule : AuditRule { #region Constructors public PipeAuditRule( IdentityReference identity, PipeAccessRights rights, AuditFlags flags) : this( identity, AccessMaskFromRights(rights), false, flags) { } public PipeAuditRule( String identity, PipeAccessRights rights, AuditFlags flags) : this( new NTAccount(identity), AccessMaskFromRights(rights), false, flags) { } internal PipeAuditRule( IdentityReference identity, int accessMask, bool isInherited, AuditFlags flags) : base( identity, accessMask, isInherited, InheritanceFlags.None, PropagationFlags.None, flags) { } #endregion #region Private methods private static int AccessMaskFromRights(PipeAccessRights rights) { if (rights < (PipeAccessRights)0 || rights > (PipeAccessRights.FullControl | PipeAccessRights.AccessSystemSecurity)) { throw new ArgumentOutOfRangeException("rights", SR.GetString(SR.ArgumentOutOfRange_NeedValidPipeAccessRights)); } return (int)rights; } #endregion #region Public properties public PipeAccessRights PipeAccessRights { get { return PipeAccessRule.RightsFromAccessMask(base.AccessMask); } } #endregion } [System.Security.Permissions.HostProtection(MayLeakOnAbort = true)] public class PipeSecurity : NativeObjectSecurity { public PipeSecurity() : base(false, ResourceType.KernelObject) { } // Used by PipeStream.GetAccessControl [System.Security.SecuritySafeCritical] internal PipeSecurity(SafePipeHandle safeHandle, AccessControlSections includeSections) : base(false, ResourceType.KernelObject, safeHandle, includeSections) { } public void AddAccessRule(PipeAccessRule rule) { if (rule == null) throw new ArgumentNullException("rule"); base.AddAccessRule(rule); } public void SetAccessRule(PipeAccessRule rule) { if (rule == null) throw new ArgumentNullException("rule"); base.SetAccessRule(rule); } public void ResetAccessRule(PipeAccessRule rule) { if (rule == null) throw new ArgumentNullException("rule"); base.ResetAccessRule(rule); } public bool RemoveAccessRule(PipeAccessRule rule) { if (rule == null) { throw new ArgumentNullException("rule"); } // If the rule to be removed matches what is there currently then // remove it unaltered. That is, don't mask off the Synchronize bit. AuthorizationRuleCollection rules = GetAccessRules(true, true, rule.IdentityReference.GetType()); for (int i = 0; i < rules.Count; i++) { PipeAccessRule fsrule = rules[i] as PipeAccessRule; if ((fsrule != null) && (fsrule.PipeAccessRights == rule.PipeAccessRights) && (fsrule.IdentityReference == rule.IdentityReference) && (fsrule.AccessControlType == rule.AccessControlType)) { return base.RemoveAccessRule(rule); } } // It didn't exactly match any of the current rules so remove this way: // mask off the synchronize bit (that is automatically added for Allow) // before removing the ACL. The logic here should be same as Deny and hence // fake a call to AccessMaskFromRights as though the ACL is for Deny if (rule.PipeAccessRights != PipeAccessRights.FullControl) { return base.RemoveAccessRule(new PipeAccessRule( rule.IdentityReference, PipeAccessRule.AccessMaskFromRights(rule.PipeAccessRights, AccessControlType.Deny), false, rule.AccessControlType)); } else { return base.RemoveAccessRule(rule); } } public void RemoveAccessRuleSpecific(PipeAccessRule rule) { if (rule == null) { throw new ArgumentNullException("rule"); } // If the rule to be removed matches what is there currently then // remove it unaltered. That is, don't mask off the Synchronize bit AuthorizationRuleCollection rules = GetAccessRules(true, true, rule.IdentityReference.GetType()); for (int i = 0; i < rules.Count; i++) { PipeAccessRule fsrule = rules[i] as PipeAccessRule; if ((fsrule != null) && (fsrule.PipeAccessRights == rule.PipeAccessRights) && (fsrule.IdentityReference == rule.IdentityReference) && (fsrule.AccessControlType == rule.AccessControlType)) { base.RemoveAccessRuleSpecific(rule); return; } } // It wasn't an exact match so try masking the sychronize bit (that is // automatically added for Allow) before removing the ACL. The logic // here should be same as Deny and hence fake a call to // AccessMaskFromRights as though the ACL is for Deny if (rule.PipeAccessRights != PipeAccessRights.FullControl) { base.RemoveAccessRuleSpecific(new PipeAccessRule(rule.IdentityReference, PipeAccessRule.AccessMaskFromRights(rule.PipeAccessRights, AccessControlType.Deny), false, rule.AccessControlType)); } else { base.RemoveAccessRuleSpecific(rule); } } public void AddAuditRule(PipeAuditRule rule) { base.AddAuditRule(rule); } public void SetAuditRule(PipeAuditRule rule) { base.SetAuditRule(rule); } public bool RemoveAuditRule(PipeAuditRule rule) { return base.RemoveAuditRule(rule); } public void RemoveAuditRuleAll(PipeAuditRule rule) { base.RemoveAuditRuleAll(rule); } public void RemoveAuditRuleSpecific(PipeAuditRule rule) { base.RemoveAuditRuleSpecific(rule); } public override AccessRule AccessRuleFactory(IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type) { // Throw if inheritance flags or propagation flags set. Have to include in signature // since this is an override if (inheritanceFlags != InheritanceFlags.None) { throw new ArgumentException(SR.GetString(SR.Argument_NonContainerInvalidAnyFlag), "inheritanceFlags"); } if (propagationFlags != PropagationFlags.None) { throw new ArgumentException(SR.GetString(SR.Argument_NonContainerInvalidAnyFlag), "propagationFlags"); } return new PipeAccessRule( identityReference, accessMask, isInherited, type); } public sealed override AuditRule AuditRuleFactory( IdentityReference identityReference, int accessMask, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags) { // Throw if inheritance flags or propagation flags set. Have to include in signature // since this is an override if (inheritanceFlags != InheritanceFlags.None) { throw new ArgumentException(SR.GetString(SR.Argument_NonContainerInvalidAnyFlag), "inheritanceFlags"); } if (propagationFlags != PropagationFlags.None) { throw new ArgumentException(SR.GetString(SR.Argument_NonContainerInvalidAnyFlag), "propagationFlags"); } return new PipeAuditRule( identityReference, accessMask, isInherited, flags); } #region Private Methods private AccessControlSections GetAccessControlSectionsFromChanges() { AccessControlSections persistRules = AccessControlSections.None; if (AccessRulesModified) persistRules = AccessControlSections.Access; if (AuditRulesModified) persistRules |= AccessControlSections.Audit; if (OwnerModified) persistRules |= AccessControlSections.Owner; if (GroupModified) persistRules |= AccessControlSections.Group; return persistRules; } #endregion #region Protected Methods // Use this in your own Persist after you have demanded any appropriate CAS permissions. // Note that you will want your version to be internal and use a specialized Safe Handle. //// [System.Security.SecurityCritical] [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] protected internal void Persist(SafeHandle handle) { WriteLock(); try { AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); base.Persist(handle, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } finally { WriteUnlock(); } } // Use this in your own Persist after you have demanded any appropriate CAS permissions. // Note that you will want your version to be internal. //// // [System.Security.SecurityCritical] [SecurityPermission(SecurityAction.Assert, UnmanagedCode = true)] protected internal void Persist(String name) { WriteLock(); try { AccessControlSections persistRules = GetAccessControlSectionsFromChanges(); base.Persist(name, persistRules); OwnerModified = GroupModified = AuditRulesModified = AccessRulesModified = false; } finally { WriteUnlock(); } } #endregion #region some overrides public override Type AccessRightType { get { return typeof(PipeAccessRights); } } public override Type AccessRuleType { get { return typeof(PipeAccessRule); } } public override Type AuditRuleType { get { return typeof(PipeAuditRule); } } #endregion } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007.//
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- ThemeDirectoryCompiler.cs
- Convert.cs
- WindowsListViewItemStartMenu.cs
- IChannel.cs
- wgx_sdk_version.cs
- DataViewManagerListItemTypeDescriptor.cs
- MimeParameters.cs
- ToggleButton.cs
- Parameter.cs
- WindowsFormsLinkLabel.cs
- ConsumerConnectionPoint.cs
- PkcsMisc.cs
- TypeDescriptionProvider.cs
- ResourceDisplayNameAttribute.cs
- OrCondition.cs
- ByteAnimationUsingKeyFrames.cs
- SharedConnectionWorkflowTransactionService.cs
- DropDownList.cs
- TextElementCollectionHelper.cs
- FlowLayoutSettings.cs
- COM2ComponentEditor.cs
- Graphics.cs
- ComboBox.cs
- EntityConnectionStringBuilder.cs
- KeyGestureValueSerializer.cs
- MouseCaptureWithinProperty.cs
- rsa.cs
- BuildManager.cs
- SchemaEntity.cs
- SqlRetyper.cs
- propertytag.cs
- XmlChoiceIdentifierAttribute.cs
- CompoundFileStorageReference.cs
- WpfWebRequestHelper.cs
- CqlErrorHelper.cs
- TextElementCollection.cs
- GroupBoxRenderer.cs
- MeshGeometry3D.cs
- PromptBuilder.cs
- FilteredSchemaElementLookUpTable.cs
- AssemblyNameProxy.cs
- Expressions.cs
- MemberHolder.cs
- ServiceContractAttribute.cs
- CommandSet.cs
- CodeStatement.cs
- DeflateEmulationStream.cs
- CryptoProvider.cs
- QueryOutputWriterV1.cs
- Literal.cs
- Brush.cs
- RestrictedTransactionalPackage.cs
- RoleManagerSection.cs
- FigureParaClient.cs
- SafeBitVector32.cs
- Lease.cs
- Debug.cs
- OdbcStatementHandle.cs
- LinqDataSourceContextData.cs
- ExecutionEngineException.cs
- MarkupExtensionParser.cs
- ObjectListItem.cs
- EntityException.cs
- BaseComponentEditor.cs
- MethodBuilderInstantiation.cs
- DictionaryBase.cs
- ToolBarDesigner.cs
- TreeNodeMouseHoverEvent.cs
- VSWCFServiceContractGenerator.cs
- UpdateCommandGenerator.cs
- SqlConnection.cs
- ConnectionsZone.cs
- DbDataReader.cs
- CodeFieldReferenceExpression.cs
- CoTaskMemHandle.cs
- Array.cs
- ConfigsHelper.cs
- updatecommandorderer.cs
- ViewSimplifier.cs
- SecurityUtils.cs
- ResourceDictionary.cs
- Propagator.Evaluator.cs
- EntityDataSourceValidationException.cs
- XmlValidatingReader.cs
- PartBasedPackageProperties.cs
- DrawListViewSubItemEventArgs.cs
- UIElement3D.cs
- AstTree.cs
- XPathAncestorQuery.cs
- IdentityReference.cs
- TextBoxBaseDesigner.cs
- ObjectRef.cs
- RawStylusInputReport.cs
- PtsContext.cs
- LZCodec.cs
- NavigationPropertySingletonExpression.cs
- VirtualPathExtension.cs
- BindingExpressionUncommonField.cs
- LayoutUtils.cs
- SoapObjectWriter.cs