We need you! We're working hard on the next version of Developer Fusion - Let us know what you think we should be up to!

The Labs \ Source Viewer \ SSCLI \ System.Security.Policy \ ApplicationSecurityManager

SSCLI
  1. // ==++==
  2. //
  3. //
  4. // Copyright (c) 2006 Microsoft Corporation. All rights reserved.
  5. //
  6. // The use and distribution terms for this software are contained in the file
  7. // named license.txt, which can be found in the root of this distribution.
  8. // By using this software in any fashion, you are agreeing to be bound by the
  9. // terms of this license.
  10. //
  11. // You must not remove this notice, or any other, from this software.
  12. //
  13. //
  14. // ==--==
  16. //
  17. // ApplicationSecurityManager.cs
  18. //
  20. namespace System.Security.Policy
  21. {
  22.     using System.Deployment.Internal.Isolation;
  23.     using System.Deployment.Internal.Isolation.Manifest;
  24.     using System.IO;
  25.     using System.Runtime.Versioning;
  26.     using System.Security.Permissions;
  27.     using System.Security.Util;
  28.    
  29.     [System.Runtime.InteropServices.ComVisible(true)]
  30.     public static class ApplicationSecurityManager
  31.     {
  32.         private static IApplicationTrustManager m_appTrustManager = null;
  33.        
  34.         //
  35.         // Public static methods.
  36.         //
  37.        
  38.         [SecurityPermission(SecurityAction.LinkDemand, Flags = SecurityPermissionFlag.ControlPolicy | SecurityPermissionFlag.ControlEvidence)]
  39.         [SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
  40.         public static bool DetermineApplicationTrust(ActivationContext activationContext, TrustManagerContext context)
  41.         {
  42.             if (activationContext == null)
  43.                 throw new ArgumentNullException("activationContext");
  44.            
  45.             ApplicationTrust appTrust = null;
  46.             AppDomainManager domainManager = AppDomain.CurrentDomain.DomainManager;
  47.             if (domainManager != null) {
  48.                 HostSecurityManager securityManager = domainManager.HostSecurityManager;
  49.                 if ((securityManager != null) && ((securityManager.Flags & HostSecurityManagerOptions.HostDetermineApplicationTrust) == HostSecurityManagerOptions.HostDetermineApplicationTrust)) {
  50.                     appTrust = securityManager.DetermineApplicationTrust(CmsUtils.MergeApplicationEvidence(null, activationContext.Identity, activationContext, null), null, context);
  51.                     if (appTrust == null)
  52.                         return false;
  53.                     return appTrust.IsApplicationTrustedToRun;
  54.                 }
  55.             }
  56.            
  57.             appTrust = DetermineApplicationTrustInternal(activationContext, context);
  58.             if (appTrust == null)
  59.                 return false;
  60.             return appTrust.IsApplicationTrustedToRun;
  61.         }
  62.        
  63.         //
  64.         // Public static properties.
  65.         //
  66.        
  67.         public static ApplicationTrustCollection UserApplicationTrusts {
  68.             [SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.ControlPolicy)]
  69.             get { return new ApplicationTrustCollection(true); }
  70.         }
  71.        
  72.         public static IApplicationTrustManager ApplicationTrustManager {
  73.             [SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.ControlPolicy)]
  74.             get {
  75.                 if (m_appTrustManager == null) {
  76.                     m_appTrustManager = DecodeAppTrustManager();
  77.                     if (m_appTrustManager == null)
  78.                         throw new PolicyException(Environment.GetResourceString("Policy_NoTrustManager"));
  79.                 }
  80.                 return m_appTrustManager;
  81.             }
  82.         }
  83.        
  84.         //
  85.         // Internal
  86.         //
  87.        
  88.         static internal ApplicationTrust DetermineApplicationTrustInternal(ActivationContext activationContext, TrustManagerContext context)
  89.         {
  90.             ApplicationTrust trust = null;
  91.             ApplicationTrustCollection userTrusts = new ApplicationTrustCollection(true);
  92.            
  93.             // See if there is a persisted trust decision for this application.
  94.             if ((context == null || !context.IgnorePersistedDecision)) {
  95.                 trust = userTrusts[activationContext.Identity.FullName];
  96.                 if (trust != null)
  97.                     return trust;
  98.             }
  99.            
  100.             // There is no cached trust decision so invoke the trust manager.
  101.             trust = ApplicationTrustManager.DetermineApplicationTrust(activationContext, context);
  102.             if (trust == null)
  103.                 trust = new ApplicationTrust(activationContext.Identity);
  104.             // make sure the application identity is correctly set.
  105.             trust.ApplicationIdentity = activationContext.Identity;
  106.             if (trust.Persist)
  107.                 userTrusts.Add(trust);
  108.            
  109.             return trust;
  110.         }
  111.        
  112.         //
  113.         // Private.
  114.         //
  115.        
  116.         private static string s_machineConfigFile = Config.MachineDirectory + "applicationtrust.config";
  117.        
  118.         [ResourceExposure(ResourceScope.None)]
  119.         [ResourceConsumption(ResourceScope.Machine, ResourceScope.Machine)]
  120.         private static IApplicationTrustManager DecodeAppTrustManager()
  121.         {
  122.             if (!File.InternalExists(s_machineConfigFile))
  123.                 goto defaultTrustManager;
  124.            
  125.             // A config file exists. Decode the trust manager from its Xml.
  126.             FileStream contents = new FileStream(s_machineConfigFile, FileMode.Open, FileAccess.Read);
  127.            
  128.             SecurityElement elRoot = SecurityElement.FromString(new StreamReader(contents).ReadToEnd());
  129.             SecurityElement elMscorlib = elRoot.SearchForChildByTag("mscorlib");
  130.             if (elMscorlib == null)
  131.                 goto defaultTrustManager;
  132.             SecurityElement elSecurity = elMscorlib.SearchForChildByTag("security");
  133.             if (elSecurity == null)
  134.                 goto defaultTrustManager;
  135.             SecurityElement elPolicy = elSecurity.SearchForChildByTag("policy");
  136.             if (elPolicy == null)
  137.                 goto defaultTrustManager;
  138.             SecurityElement elSecurityManager = elPolicy.SearchForChildByTag("ApplicationSecurityManager");
  139.             if (elSecurityManager == null)
  140.                 goto defaultTrustManager;
  141.             SecurityElement elTrustManager = elSecurityManager.SearchForChildByTag("IApplicationTrustManager");
  142.             if (elTrustManager == null)
  143.                 goto defaultTrustManager;
  144.             IApplicationTrustManager appTrustManager = DecodeAppTrustManagerFromElement(elTrustManager);
  145.             if (appTrustManager == null)
  146.                 goto defaultTrustManager;
  147.             return appTrustManager;
  148.             defaultTrustManager:
  149.            
  150.             return DecodeAppTrustManagerFromElement(CreateDefaultApplicationTrustManagerElement());
  151.         }
  152.        
  153.         private static SecurityElement CreateDefaultApplicationTrustManagerElement()
  154.         {
  155.             SecurityElement elTrustManager = new SecurityElement("IApplicationTrustManager");
  156.             elTrustManager.AddAttribute("class", "System.Security.Policy.TrustManager, System.Windows.Forms, Version=" + System.Reflection.Assembly.GetExecutingAssembly().GetVersion() + ", Culture=neutral, PublicKeyToken=" + AssemblyRef.EcmaPublicKeyToken);
  157.             elTrustManager.AddAttribute("version", "1");
  158.             return elTrustManager;
  159.         }
  160.        
  161.         private static IApplicationTrustManager DecodeAppTrustManagerFromElement(SecurityElement elTrustManager)
  162.         {
  163.             new ReflectionPermission(ReflectionPermissionFlag.MemberAccess).Assert();
  164.             string trustManagerName = elTrustManager.Attribute("class");
  165.             Type tmClass = Type.GetType(trustManagerName, false, false);
  166.             if (tmClass == null)
  167.                 return null;
  168.            
  169.             IApplicationTrustManager appTrustManager = Activator.CreateInstance(tmClass) as IApplicationTrustManager;
  170.             if (appTrustManager != null)
  171.                 appTrustManager.FromXml(elTrustManager);
  172.             return appTrustManager;
  173.         }
  174.     }
  175. }

Developer Fusion