diff options
author | Jan Kotas <jkotas@microsoft.com> | 2017-02-06 06:53:42 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-02-06 06:53:42 -0800 |
commit | 5c47caa806e6907df81e7a96864984df4d0f38cd (patch) | |
tree | e3437edcb63f42f98c93eb425b4e7a750eda73df /src/vm/securitydescriptor.cpp | |
parent | 0b064eef415468f50e7360256e42737d247eb677 (diff) | |
download | coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.gz coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.tar.bz2 coreclr-5c47caa806e6907df81e7a96864984df4d0f38cd.zip |
CAS Security cleanup (#9355)
Diffstat (limited to 'src/vm/securitydescriptor.cpp')
-rw-r--r-- | src/vm/securitydescriptor.cpp | 54 |
1 files changed, 1 insertions, 53 deletions
diff --git a/src/vm/securitydescriptor.cpp b/src/vm/securitydescriptor.cpp index a91022fa67..a14095a981 100644 --- a/src/vm/securitydescriptor.cpp +++ b/src/vm/securitydescriptor.cpp @@ -404,59 +404,7 @@ void PEFileSecurityDescriptor::ResolveWorker() } CONTRACTL_END; - if (NingenEnabled()) { - SetGrantedPermissionSet(NULL, NULL, 0xFFFFFFFF); - } - -#ifndef CROSSGEN_COMPILE - struct _gc - { - OBJECTREF evidence; // Object containing evidence - OBJECTREF granted; // Policy based Granted Permission - OBJECTREF grantdenied; // Policy based explicitly Denied Permissions - } - gc; - ZeroMemory(&gc, sizeof(gc)); - - GCPROTECT_BEGIN(gc); - - DWORD dwSpecialFlags = 0; - if (QuickIsFullyTrusted()) - { - Security::GetPermissionInstance(&gc.granted, SECURITY_FULL_TRUST); - dwSpecialFlags = 0xFFFFFFFF; - } - else - { - if (IsEvidenceComputed()) - { - gc.evidence = ObjectFromLazyHandle(m_hAdditionalEvidence, m_pLoaderAllocator); - } - else - { - gc.evidence = GetEvidence(); - } - - if (!m_pAppDomain->GetSecurityDescriptor()->IsLegacyCasPolicyEnabled()) - { - gc.granted = SecurityPolicy::ResolveGrantSet(gc.evidence, &dwSpecialFlags, FALSE); - } - else - { - gc.granted = SecurityPolicy::ResolveCasPolicy(gc.evidence, - NULL, - NULL, - NULL, - &gc.grantdenied, - &dwSpecialFlags, - FALSE); - } - } - - SetGrantedPermissionSet(gc.granted, NULL, dwSpecialFlags); - - GCPROTECT_END(); -#endif // CROSSGEN_COMPILE + SetGrantedPermissionSet(NULL, NULL, 0xFFFFFFFF); } BOOL PEFileSecurityDescriptor::AllowBindingRedirects() |