PartialTrustHelpers.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ WCF / WCF / 3.5.30729.1 / untmp / Orcas / SP / ndp / cdf / src / WCF / ServiceModel / System / ServiceModel / PartialTrustHelpers.cs / 1 / PartialTrustHelpers.cs

                            //------------------------------------------------------------ 
// Copyright (c) Microsoft Corporation.  All rights reserved.
//-----------------------------------------------------------
namespace System.ServiceModel
{ 
    using System.Security;
    using System.Web; 
    using System.Threading; 
    using System.Diagnostics;
    using System.Reflection; 
    using System.Security.Permissions;

    static class PartialTrustHelpers
    { 
        /// 
        /// Critical - caches the PermissionSet associated with the asp.net trust level 
        ///            this will not change over the life of the AppDomain 
        /// 
        [SecurityCritical] 
        static SecurityContext aspNetSecurityContext;

        /// 
        /// Critical - if erroneously set to true, could bypass the PermitOnly 
        /// 
        [SecurityCritical] 
        static bool isInitialized; 

        ///  
        /// RequiresReview - determines if the given PermissionSet is full trust
        ///                  we will base subsequent security decisions on this
        /// 
        [SecurityRequiresReview] 
        static bool IsFullTrust(PermissionSet perms)
        { 
            return perms == null || perms.IsUnrestricted(); 
        }
 
        internal static bool NeedPartialTrustInvoke
        {
            /// 
            /// Critical - makes a security sensitive decision, updates aspNetSecurityContext and isInitialized 
            /// Safe - ok to know whether the ASP app is partial trust
            ///  
            [SecurityCritical, SecurityTreatAsSafe] 
            get
            { 
                if (!isInitialized)
                {
                    NamedPermissionSet aspNetPermissionSet = HttpRuntime.GetNamedPermissionSet();
                    if (!IsFullTrust(aspNetPermissionSet)) 
                    {
                        try 
                        { 
                            aspNetPermissionSet.PermitOnly();
                            aspNetSecurityContext = CaptureSecurityContextNoIdentityFlow(); 
                        }
                        finally
                        {
                            CodeAccessPermission.RevertPermitOnly(); 
                        }
                    } 
                    isInitialized = true; 
                }
                return aspNetSecurityContext != null; 
            }
        }

        ///  
        /// Critical - captures security context with identity flow suppressed, this requires satisfying a LinkDemand for infrastructure
        ///  
        [SecurityCritical] 
        internal static SecurityContext CaptureSecurityContextNoIdentityFlow()
        { 
            // capture the security context but never flow windows identity
            if (SecurityContext.IsWindowsIdentityFlowSuppressed())
            {
                return SecurityContext.Capture(); 
            }
            else 
            { 
                using (SecurityContext.SuppressFlowWindowsIdentity())
                { 
                    return SecurityContext.Capture();
                }
            }
        } 

        ///  
        /// Critical - touches aspNetSecurityContext 
        /// Safe - ok to invoke the user's delegate under the PT context
        ///  
        [SecurityCritical, SecurityTreatAsSafe]
        internal static void PartialTrustInvoke(ContextCallback callback, object state)
        {
            if (NeedPartialTrustInvoke) 
            {
                SecurityContext.Run(aspNetSecurityContext.CreateCopy(), callback, state); 
            } 
            else
            { 
                callback(state);
            }
        }
 

        ///  
        /// Critical - used in a security-sensitive decision 
        /// 
        [SecurityCritical] 
        internal static bool IsTypeAptca(Type type)
        {
            Assembly assembly = type.Assembly;
            return IsAssemblyAptca(assembly) || !IsAssemblySigned(assembly); 
        }
 
        ///  
        /// Critical - used in a security-sensitive decision
        ///  
        [SecurityCritical]
        static Type aptca;

        ///  
        /// Critical - used in a security-sensitive decision
        ///  
        [SecurityCritical] 
        static bool IsAssemblyAptca(Assembly assembly)
        { 
            if (aptca == null)
            {
                aptca = typeof(AllowPartiallyTrustedCallersAttribute);
            } 
            return assembly.GetCustomAttributes(aptca, false).Length > 0;
        } 
 
        /// 
        /// Critical - used in a security-sensitive decision 
        /// 
        [SecurityCritical]
        [FileIOPermission(SecurityAction.Assert, Unrestricted=true)]
        static bool IsAssemblySigned(Assembly assembly) 
        {
            byte[] publicKeyToken = assembly.GetName().GetPublicKeyToken(); 
            return publicKeyToken != null & publicKeyToken.Length > 0; 
        }
    } 
}

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK