diff options
| author | Sebastien Pouliot <sebastien@ximian.com> | 2005-01-25 05:31:58 +0300 |
|---|---|---|
| committer | Sebastien Pouliot <sebastien@ximian.com> | 2005-01-25 05:31:58 +0300 |
| commit | a8a012d3993407e7c4b9ed1074a20b2f32d1bb4f (patch) | |
| tree | 7b9288c144a28c32cb9479dc5c02f425bd4bff38 /mcs/class/corlib/System.Security/PermissionSet.cs | |
| parent | 88acf2faaaad75e9e23ba85a29133406cc31f4a3 (diff) | |
2005-01-24 Sebastien Pouliot <sebastien@ximian.com>
* CodeAccessPermission.cs: Made ThrowSecurityException static so it
can be reused from PermissionSet.
* SecurityManager.cs: Use the new icalls for SecurityEnabled and
CheckExecutionRights properties. Fix IsGranted for unrestricted
permissions. Set type correctly when loading policy files.
* PermissionSet.cs: Now supports unrestricted permission set when
evaluating demands.
svn path=/trunk/mcs/; revision=39458
Diffstat (limited to 'mcs/class/corlib/System.Security/PermissionSet.cs')
| -rw-r--r-- | mcs/class/corlib/System.Security/PermissionSet.cs | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/mcs/class/corlib/System.Security/PermissionSet.cs b/mcs/class/corlib/System.Security/PermissionSet.cs index a325772ff62..7c7960213cc 100644 --- a/mcs/class/corlib/System.Security/PermissionSet.cs +++ b/mcs/class/corlib/System.Security/PermissionSet.cs @@ -215,8 +215,8 @@ namespace System.Security { // don't start the stack walk if // - the permission set only contains non CAS permissions; or // - security isn't enabled (applis only to CAS!) - if ((cas.Count > 0) && SecurityManager.SecurityEnabled) - CasOnlyDemand (_declsec ? 3 : 2); + if (!cas.IsEmpty () && SecurityManager.SecurityEnabled) + CasOnlyDemand (_declsec ? 4 : 2); } // The number of frames to skip depends on who's calling @@ -678,6 +678,19 @@ namespace System.Security { internal bool ProcessFrame (SecurityFrame frame, ref Assembly current) { + if (IsUnrestricted ()) { + // we request unrestricted + if (frame.Deny != null) { + // but have restrictions (some denied permissions) + CodeAccessPermission.ThrowSecurityException (this, "Deny", frame.Assembly, + frame.Method, SecurityAction.Demand, null); + } else if (frame.PermitOnly != null) { + // but have restrictions (onyl some permitted permissions) + CodeAccessPermission.ThrowSecurityException (this, "PermitOnly", frame.Assembly, + frame.Method, SecurityAction.Demand, null); + } + } + foreach (CodeAccessPermission cap in list) { if (cap.ProcessFrame (frame, ref current)) return true; // Assert reached - abort stack walk! |