// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
//
//
#ifndef __SECURITYDESCRIPTORAPPDOMAIN_INL__
#define __SECURITYDESCRIPTORAPPDOMAIN_INL__
#ifndef DACCESS_COMPILE
// Constructs the security descriptor for pAppDomain with every trust-related field in its
// pre-initialization state. pAppDomain is dereferenced in the initializer list, so it must
// not be null.
//
// NOTE(review): m_dwDomainWideSpecialFlags starts with all bits set, so
// CheckDomainWideSpecialFlag() answers non-zero for any mask until code outside this file
// narrows the value. Confirm that no caller treats that answer as a grant while
// m_fIsInitializationInProgress is still TRUE.
inline ApplicationSecurityDescriptor::ApplicationSecurityDescriptor(AppDomain *pAppDomain) :
    SecurityDescriptorBase<IApplicationSecurityDescriptor>(pAppDomain, NULL, NULL, pAppDomain->GetLoaderAllocator()),
#ifdef FEATURE_PLS
    m_hDomainPermissionListSet(NULL),
#endif // FEATURE_PLS
    m_dwDomainWideSpecialFlags(0xFFFFFFFF),         // all special flags set until narrowed elsewhere
    m_fIsInitializationInProgress(TRUE),            // cleared by ResetInitializationInProgress()
    m_fIsDefaultAppdomain(FALSE),
    m_fIsDefaultAppdomainEvidence(FALSE),
    m_fHomogeneous(FALSE),
    m_fRuntimeSuppliedHomogenousGrantSet(FALSE),
#ifdef FEATURE_CAS_POLICY
    m_fLegacyCasPolicy(Security::IsProcessWideLegacyCasPolicyEnabled()),   // snapshot of the process-wide setting
#endif // FEATURE_CAS_POLICY
    m_dwHostSecurityManagerFlags(HOST_NONE),
    m_fContainsAnyRefusedPermissions(FALSE),
    m_fIsPreResolved(FALSE),
    m_fPreResolutionFullTrust(FALSE),
    m_fPreResolutionHomogeneous(FALSE)
#ifdef FEATURE_APTCA
    , m_pConditionalAptcaCache(new ConditionalAptcaCache(pAppDomain))      // owned; released in the destructor
#endif // FEATURE_APTCA
{
    CONTRACTL
    {
        THROWS;
        GC_TRIGGERS;
        MODE_ANY;
        INJECT_FAULT(COMPlusThrowOM(););
    }
    CONTRACTL_END;

    // All state is set up by the initializer list; the body only declares the contract.
}
#ifdef FEATURE_APTCA
// Releases the conditional-APTCA cache that the constructor allocated with new.
// The contract declares NOTHROW, so the cache's own destructor is expected not to throw.
inline ApplicationSecurityDescriptor::~ApplicationSecurityDescriptor()
{
    CONTRACTL
    {
        NOTHROW;
        MODE_ANY;
        GC_TRIGGERS;
    }
    CONTRACTL_END;

    // This descriptor is the owner of the cache pointer.
    delete m_pConditionalAptcaCache;
}
#endif // FEATURE_APTCA
// Marks initialization of this descriptor as finished by clearing the in-progress flag
// that the constructor sets to TRUE. Nothing else is validated or changed here.
inline void ApplicationSecurityDescriptor::ResetInitializationInProgress()
{
    LIMITED_METHOD_CONTRACT;

    m_fIsInitializationInProgress = FALSE;
}
// Tests the domain-wide special flags (for example whether the domain is currently in a
// "fully trusted" environment, or whether unmanaged code access is allowed at this time).
//
// The return value is the raw masked value rather than a normalized TRUE: it is non-zero when
// at least one bit of `flags` is set. A caller that passes a multi-bit mask and needs every
// bit present must compare the result against the mask itself, and no caller should compare
// the result to TRUE.
inline BOOL ApplicationSecurityDescriptor::CheckDomainWideSpecialFlag(DWORD flags) const
{
    LIMITED_METHOD_CONTRACT;

    const DWORD dwMatchedBits = m_dwDomainWideSpecialFlags & flags;
    return dwMatchedBits;
}
// Flags this descriptor as belonging to the default AppDomain. Being the default AppDomain
// implies using the default AppDomain evidence, so that flag is raised as well.
// Neither flag is cleared by any function in this file.
inline void ApplicationSecurityDescriptor::SetDefaultAppDomain()
{
    LIMITED_METHOD_CONTRACT;

    m_fIsDefaultAppdomain = TRUE;
    m_fIsDefaultAppdomainEvidence = TRUE;   // implied by being the default AppDomain
}
// Marks a domain that supplied no evidence of its own as using the default AppDomain's
// evidence. The domain itself need not be the default AppDomain; m_fIsDefaultAppdomain is
// left untouched.
inline void ApplicationSecurityDescriptor::SetDefaultAppDomainEvidence()
{
    LIMITED_METHOD_CONTRACT;

    m_fIsDefaultAppdomainEvidence = TRUE;
}
// Marks the domain as homogeneous and records whether the runtime, rather than the caller,
// supplied the homogeneous grant set.
//
// fRuntimeSuppliedHomogenousGrantSet - stored as-is. m_fHomogeneous is set to TRUE regardless
//                                      of this argument.
inline void ApplicationSecurityDescriptor::SetHomogeneousFlag(BOOL fRuntimeSuppliedHomogenousGrantSet)
{
    LIMITED_METHOD_CONTRACT;

    m_fRuntimeSuppliedHomogenousGrantSet = fRuntimeSuppliedHomogenousGrantSet;
    m_fHomogeneous = TRUE;
}
#ifdef FEATURE_CAS_POLICY
// Reports whether the domain's host security manager (HSM) has to be consulted for assemblies
// loaded into the domain.
//
// Returns TRUE when the HSM wants to resolve policy itself, or, in legacy CAS mode only, when
// it wants to supply assembly evidence or an AppDomain policy level. Returns FALSE otherwise,
// in which case the caller is told that the HSM can be skipped for assembly loads.
//
// NOTE(review): the answer is computed from m_dwHostSecurityManagerFlags at call time, and the
// constructor initializes that field to HOST_NONE. Confirm the flags are populated before the
// first assembly load asks this question.
inline BOOL ApplicationSecurityDescriptor::CallHostSecurityManagerForAssemblies()
{
    LIMITED_METHOD_CONTRACT;

    // An HSM that specifies the assembly's grant set must always be called.
    if ((m_dwHostSecurityManagerFlags & HOST_RESOLVE_POLICY) != 0)
        return TRUE;

    // Evidence and policy-level callbacks only matter under legacy CAS policy, so the mode is
    // checked first and the flag test is skipped entirely when legacy CAS is off.
    return IsLegacyCasPolicyEnabled() &&
           (m_dwHostSecurityManagerFlags & (HOST_ASM_EVIDENCE | HOST_POLICY_LEVEL)) != 0;
}
#endif // FEATURE_CAS_POLICY
#endif // #ifndef DACCESS_COMPILE
#endif // !__SECURITYDESCRIPTORAPPDOMAIN_INL__