diff options
Diffstat (limited to 'src/mscorlib/src/System/Security/SecurityRuntime.cs')
-rw-r--r-- | src/mscorlib/src/System/Security/SecurityRuntime.cs | 156 |
1 files changed, 8 insertions, 148 deletions
diff --git a/src/mscorlib/src/System/Security/SecurityRuntime.cs b/src/mscorlib/src/System/Security/SecurityRuntime.cs index 9d776affd3..d037fe939d 100644 --- a/src/mscorlib/src/System/Security/SecurityRuntime.cs +++ b/src/mscorlib/src/System/Security/SecurityRuntime.cs @@ -4,7 +4,8 @@ // -namespace System.Security { +namespace System.Security +{ using System; using System.Globalization; using System.Threading; @@ -26,7 +27,6 @@ namespace System.Security { // // Internal only, do not doc. // - [System.Security.SecurityCritical] // auto-generated [MethodImplAttribute(MethodImplOptions.InternalCall)] internal static extern FrameSecurityDescriptor GetSecurityObjectForFrame(ref StackCrawlMark stackMark, @@ -37,7 +37,6 @@ namespace System.Security { internal const bool StackHalt = false; // this method is a big perf hit, so don't call unnecessarily - [System.Security.SecurityCritical] // auto-generated internal static MethodInfo GetMethodInfo(RuntimeMethodHandleInternal rmh) { if (rmh.IsNullHandle()) @@ -60,7 +59,6 @@ namespace System.Security { #endif } - [System.Security.SecurityCritical] // auto-generated private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc, PermissionSet demandSet, out PermissionSet alteredDemandSet, @@ -69,7 +67,6 @@ namespace System.Security { return secDesc.CheckSetDemand(demandSet, out alteredDemandSet, rmh); } - [System.Security.SecurityCritical] // auto-generated private static bool FrameDescHelper(FrameSecurityDescriptor secDesc, IPermission demandIn, PermissionToken permToken, @@ -79,7 +76,6 @@ namespace System.Security { } #if FEATURE_COMPRESSEDSTACK - [System.Security.SecurityCritical] private static bool CheckDynamicMethodSetHelper(System.Reflection.Emit.DynamicResolver dynamicResolver, PermissionSet demandSet, out PermissionSet alteredDemandSet, @@ -99,7 +95,6 @@ namespace System.Security { return result; } - [System.Security.SecurityCritical] private static bool CheckDynamicMethodHelper(System.Reflection.Emit.DynamicResolver dynamicResolver, IPermission demandIn, PermissionToken permToken, @@ -122,176 +117,41 @@ namespace System.Security { // // API for PermissionSets // - - [System.Security.SecurityCritical] // auto-generated + internal static void Assert(PermissionSet permSet, ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - // Note: if the "AssertPermission" is not a permission that implements IUnrestrictedPermission - // you need to change the fourth parameter to a zero. - FrameSecurityDescriptor secObj = CodeAccessSecurityEngine.CheckNReturnSO( - CodeAccessSecurityEngine.AssertPermissionToken, - CodeAccessSecurityEngine.AssertPermission, - ref stackMark, - 1 ); - - Contract.Assert(secObj != null,"Failure in SecurityRuntime.Assert() - secObj != null"); - if (secObj == null) - { - // Security: REQ_SQ flag is missing. Bad compiler ? - System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } - else - { - if (secObj.HasImperativeAsserts()) - throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) ); - - secObj.SetAssert(permSet); - } -#endif // FEATURE_CAS_POLICY } - - [System.Security.SecurityCritical] // auto-generated + internal static void AssertAllPossible(ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = - SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true); - - Contract.Assert(secObj != null, "Failure in SecurityRuntime.AssertAllPossible() - secObj != null"); - if (secObj == null) - { - // Security: REQ_SQ flag is missing. Bad compiler ? - System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } - else - { - if (secObj.GetAssertAllPossible()) - throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) ); - - secObj.SetAssertAllPossible(); - } -#endif // FEATURE_CAS_POLICY } - - [System.Security.SecurityCritical] // auto-generated + internal static void Deny(PermissionSet permSet, ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - // Deny is only valid in legacy mode - if (!AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled) - { - throw new NotSupportedException(Environment.GetResourceString("NotSupported_CasDeny")); - } - - FrameSecurityDescriptor secObj = - SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true); - - Contract.Assert(secObj != null, "Failure in SecurityRuntime.Deny() - secObj != null"); - if (secObj == null) - { - // Security: REQ_SQ flag is missing. Bad compiler ? - System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } - else - { - if (secObj.HasImperativeDenials()) - throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) ); - - secObj.SetDeny(permSet); - } -#endif // FEATURE_CAS_POLICY } - - [System.Security.SecurityCritical] // auto-generated + internal static void PermitOnly(PermissionSet permSet, ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = - SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true); - - Contract.Assert(secObj != null, "Failure in SecurityRuntime.PermitOnly() - secObj != null"); - if (secObj == null) - { - // Security: REQ_SQ flag is missing. Bad compiler ? - System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } - else - { - if (secObj.HasImperativeRestrictions()) - throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) ); - - secObj.SetPermitOnly(permSet); - } -#endif // FEATURE_CAS_POLICY } - + // // Revert API // - - [System.Security.SecurityCritical] // auto-generated + internal static void RevertAssert(ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false); - if (secObj != null) - { - secObj.RevertAssert(); - } - else - { - throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } -#endif // FEATURE_CAS_POLICY } - [System.Security.SecurityCritical] // auto-generated internal static void RevertDeny(ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false); - if (secObj != null) - { - secObj.RevertDeny(); - } - else - { - throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } -#endif // FEATURE_CAS_POLICY } - [System.Security.SecurityCritical] // auto-generated internal static void RevertPermitOnly(ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false); - if (secObj != null) - { - secObj.RevertPermitOnly(); - } - else - { - throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } -#endif // FEATURE_CAS_POLICY } - [System.Security.SecurityCritical] // auto-generated internal static void RevertAll(ref StackCrawlMark stackMark) { -#if FEATURE_CAS_POLICY - FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false); - if (secObj != null) - { - secObj.RevertAll(); - } - else - { - throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor")); - } -#endif // FEATURE_CAS_POLICY } } } |