1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
using System.Diagnostics.CodeAnalysis;
using System.Reflection;
using System.Security;
namespace System.Web.Mvc
{
internal static class SecurityUtil
{
private static Action<Action> _callInAppTrustThunk;
// !! IMPORTANT !!
// Do not try to optimize this method or perform any extra caching; doing so could lead to MVC not operating
// correctly until the AppDomain is restarted.
[SuppressMessage("Microsoft.Security", "CA2107:ReviewDenyAndPermitOnlyUsage",
Justification = "This is essentially the same logic as Page.ProcessRequest.")]
[SuppressMessage("Microsoft.Design", "CA1031:DoNotCatchGeneralExceptionTypes",
Justification = "If an exception is thrown, assume we're running in same trust level as the application itself, so we don't need to do anything special.")]
private static Action<Action> GetCallInAppTrustThunk()
{
// do we need to create the thunk?
if (_callInAppTrustThunk == null)
{
try
{
if (!typeof(SecurityUtil).Assembly.IsFullyTrusted /* bin-deployed */
|| AppDomain.CurrentDomain.IsHomogenous /* .NET 4 CAS model */)
{
// we're already running in the application's trust level, so nothing to do
_callInAppTrustThunk = f => f();
}
else
{
// legacy CAS model - need to lower own permission level to be compatible with legacy systems
// This is essentially the same logic as Page.ProcessRequest(HttpContext)
NamedPermissionSet namedPermissionSet = (NamedPermissionSet)typeof(HttpRuntime).GetProperty("NamedPermissionSet", BindingFlags.NonPublic | BindingFlags.Public | BindingFlags.Static).GetValue(null, null);
bool disableProcessRequestInApplicationTrust = (bool)typeof(HttpRuntime).GetProperty("DisableProcessRequestInApplicationTrust", BindingFlags.NonPublic | BindingFlags.Public | BindingFlags.Static).GetValue(null, null);
if (namedPermissionSet != null && !disableProcessRequestInApplicationTrust)
{
_callInAppTrustThunk = f =>
{
// lower permissions
namedPermissionSet.PermitOnly();
f();
};
}
else
{
// application's trust level is FullTrust, so nothing to do
_callInAppTrustThunk = f => f();
}
}
}
catch
{
// MVC assembly is already running in application trust, so swallow exceptions
}
}
// if there was an error, just process transparently
return _callInAppTrustThunk ?? (Action<Action>)(f => f());
}
public static TResult ProcessInApplicationTrust<TResult>(Func<TResult> func)
{
TResult result = default(TResult);
ProcessInApplicationTrust(delegate
{
result = func();
});
return result;
}
public static void ProcessInApplicationTrust(Action action)
{
Action<Action> executor = GetCallInAppTrustThunk();
executor(action);
}
}
}
|