diff options
Diffstat (limited to 'src/vm/securitydescriptor.cpp')
-rw-r--r-- | src/vm/securitydescriptor.cpp | 152 |
1 files changed, 0 insertions, 152 deletions
diff --git a/src/vm/securitydescriptor.cpp b/src/vm/securitydescriptor.cpp index a14095a981..d8af752e2e 100644 --- a/src/vm/securitydescriptor.cpp +++ b/src/vm/securitydescriptor.cpp @@ -270,157 +270,5 @@ OBJECTREF PEFileSecurityDescriptor::BuildEvidence(PEFile *pPEFile, const OBJECTR #endif // FEATURE_CAS_POLICY -#ifndef FEATURE_CORECLR -BOOL PEFileSecurityDescriptor::QuickIsFullyTrusted() -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - } - CONTRACTL_END; - -#ifdef CROSSGEN_COMPILE - return TRUE; -#else - if (!m_pAppDomain->GetSecurityDescriptor()->IsLegacyCasPolicyEnabled()) - { - return TRUE; - } - else if (m_pAppDomain->IsCompilationDomain()) - { - return TRUE; - } - else - { - return CheckQuickCache(SecurityConfig::FullTrustAll, GetZone()); - } -#endif -} - -#ifndef CROSSGEN_COMPILE -//--------------------------------------------------------------------------------------- -// -// Get the evidence for this PE file -// - -OBJECTREF PEFileSecurityDescriptor::GetEvidence() -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - PRECONDITION(m_pAppDomain == GetAppDomain()); - INJECT_FAULT(COMPlusThrowOM()); - SO_TOLERANT; - } - CONTRACTL_END; - - // If we already have evidence, then just return that - if (IsEvidenceComputed()) - return ObjectFromLazyHandle(m_hAdditionalEvidence, m_pLoaderAllocator); - - struct - { - OBJECTREF objHostProvidedEvidence; - OBJECTREF objEvidence; - } - gc; - ZeroMemory(&gc, sizeof(gc)); - - GCPROTECT_BEGIN(gc); - BEGIN_SO_INTOLERANT_CODE(GetThread()); - -#if CHECK_APP_DOMAIN_LEAKS - if (g_pConfig->AppDomainLeaks()) - _ASSERTE(gc.objHostProvidedEvidence == NULL || GetAppDomain() == gc.objHostProvidedEvidence->GetAppDomain()); -#endif // CHECK_APP_DOMAIN_LEAKS - - gc.objHostProvidedEvidence = ObjectFromLazyHandle(m_hAdditionalEvidence, m_pLoaderAllocator); - gc.objEvidence = PEFileSecurityDescriptor::BuildEvidence(m_pPEFile, gc.objHostProvidedEvidence); - SetEvidence(gc.objEvidence); - -#if CHECK_APP_DOMAIN_LEAKS - if (g_pConfig->AppDomainLeaks()) - _ASSERTE(gc.objEvidence == NULL || GetAppDomain() == gc.objEvidence->GetAppDomain()); -#endif // CHECK_APP_DOMAIN_LEAKS - - END_SO_INTOLERANT_CODE; - - GCPROTECT_END(); - - return gc.objEvidence; -} - -DWORD PEFileSecurityDescriptor::GetZone() -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - INJECT_FAULT(COMPlusThrowOM();); - PRECONDITION(m_pAppDomain->GetSecurityDescriptor()->IsLegacyCasPolicyEnabled()); - } - CONTRACTL_END; - - SecZone dwZone = NoZone; - BEGIN_SO_INTOLERANT_CODE(GetThread()); - - StackSString codebase; - BYTE rbUniqueID[MAX_SIZE_SECURITY_ID]; - DWORD cbUniqueID = sizeof(rbUniqueID); - - m_pPEFile->GetSecurityIdentity(codebase, &dwZone, 0, rbUniqueID, &cbUniqueID); - END_SO_INTOLERANT_CODE; - return dwZone; -} -#endif // !CROSSGEN_COMPILE - -void PEFileSecurityDescriptor::Resolve() -{ - CONTRACTL { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - INJECT_FAULT(COMPlusThrowOM();); - } CONTRACTL_END; - - if (IsResolved()) - return; - ResolveWorker(); -} - -void PEFileSecurityDescriptor::ResolveWorker() -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - INJECT_FAULT(COMPlusThrowOM();); - } - CONTRACTL_END; - - SetGrantedPermissionSet(NULL, NULL, 0xFFFFFFFF); -} - -BOOL PEFileSecurityDescriptor::AllowBindingRedirects() -{ - CONTRACTL { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - PRECONDITION(IsResolved()); - } CONTRACTL_END; - - ETWOnStartup (AllowBindingRedirs_V1, AllowBindingRedirsEnd_V1); - - return CheckSpecialFlag(1 << SECURITY_BINDING_REDIRECTS); -} - -#endif // FEATURE_CORECLR #endif // !DACCESS_COMPILE |