using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
+using System.Text;
namespace MonoTests.System.Security.Policy {
public void SetUp ()
{
if (minimal == null) {
- minimal_policy = "<PolicyLevel version=\"1\">\r\n <SecurityClasses>\r\n <SecurityClass Name=\"PrintingPermission\"\r\n Description=\"System.Drawing.Printing.PrintingPermission, System.Drawing, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a\"/>\r\n <SecurityClass Name=\"NamedPermissionSet\"\r\n Description=\"System.Security.NamedPermissionSet\"/>\r\n <SecurityClass Name=\"ReflectionPermission\"\r\n Description=\"System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"DnsPermission\"\r\n Description=\"System.Net.DnsPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"EventLogPermission\"\r\n Description=\"System.Diagnostics.EventLogPermission, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"IsolatedStorageFilePermission\"\r\n Description=\"System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"AllMembershipCondition\"\r\n Description=\"System.Security.Policy.AllMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FirstMatchCodeGroup\"\r\n Description=\"System.Security.Policy.FirstMatchCodeGroup\"/>\r\n <SecurityClass Name=\"EnvironmentPermission\"\r\n Description=\"System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n";
+ minimal_policy = "<PolicyLevel version=\"1\">\r\n <SecurityClasses>\r\n <SecurityClass Name=\"NamedPermissionSet\"\r\n Description=\"System.Security.NamedPermissionSet\"/>\r\n <SecurityClass Name=\"ReflectionPermission\"\r\n Description=\"System.Security.Permissions.ReflectionPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"IsolatedStorageFilePermission\"\r\n Description=\"System.Security.Permissions.IsolatedStorageFilePermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"AllMembershipCondition\"\r\n Description=\"System.Security.Policy.AllMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FirstMatchCodeGroup\"\r\n Description=\"System.Security.Policy.FirstMatchCodeGroup\"/>\r\n <SecurityClass Name=\"EnvironmentPermission\"\r\n Description=\"System.Security.Permissions.EnvironmentPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n";
minimal_policy += " <SecurityClass Name=\"StrongNameMembershipCondition\"\r\n Description=\"System.Security.Policy.StrongNameMembershipCondition, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"SecurityPermission\"\r\n Description=\"System.Security.Permissions.SecurityPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"UIPermission\"\r\n Description=\"System.Security.Permissions.UIPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n <SecurityClass Name=\"FileDialogPermission\"\r\n Description=\"System.Security.Permissions.FileDialogPermission, mscorlib, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"/>\r\n </SecurityClasses>\r\n <NamedPermissionSets>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Unrestricted=\"true\"\r\n Name=\"FullTrust\"\r\n Description=\"Allows full access to all resources\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"SkipVerification\"\r\n Description=\"Grants right to bypass the verification\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"SkipVerification\"/>\r\n </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Execution\"\r\n Description=\"Permits execution\">\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n </PermissionSet>\r\n";
- minimal_policy += " <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Nothing\"\r\n Description=\"Denies all resources, including the right to execute\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"LocalIntranet\"\r\n Description=\"Default rights given to applications on the local intranet\">\r\n <IPermission class=\"EnvironmentPermission\"\r\n version=\"1\"\r\n Read=\"USERNAME\"/>\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"AssemblyIsolationByUser\"\r\n UserQuota=\"9223372036854775807\"\r\n Expiry=\"9223372036854775807\"\r\n Permanent=\"True\"/>\r\n <IPermission class=\"ReflectionPermission\"\r\n version=\"1\"\r\n Flags=\"ReflectionEmit\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Assertion, Execution, BindingRedirects\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"DnsPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"PrintingPermission\"\r\n version=\"1\"\r\n Level=\"DefaultPrinting\"/>\r\n <IPermission class=\"EventLogPermission\"\r\n version=\"1\">\r\n <Machine name=\".\"\r\n access=\"Instrument\"/>\r\n";
- minimal_policy += " </IPermission>\r\n </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Internet\"\r\n Description=\"Default rights given to internet applications\">\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Access=\"Open\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"DomainIsolationByUser\"\r\n UserQuota=\"10240\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Window=\"SafeTopLevelWindows\"\r\n Clipboard=\"OwnClipboard\"/>\r\n <IPermission class=\"PrintingPermission\"\r\n version=\"1\"\r\n Level=\"SafePrinting\"/>\r\n </PermissionSet>\r\n </NamedPermissionSets>\r\n <CodeGroup class=\"FirstMatchCodeGroup\"\r\n version=\"1\"\r\n PermissionSetName=\"Nothing\">\r\n <IMembershipCondition class=\"AllMembershipCondition\"\r\n version=\"1\"/>\r\n </CodeGroup>\r\n <FullTrustAssemblies>\r\n <IMembershipCondition class=\"StrongNameMembershipCondition\"\r\n version=\"1\"\r\n PublicKeyBlob=\"00000000000000000400000000000000\"\r\n Name=\"System\"/>\r\n </FullTrustAssemblies>\r\n</PolicyLevel>\r\n";
+ minimal_policy += " <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Nothing\"\r\n Description=\"Denies all resources, including the right to execute\"/>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"LocalIntranet\"\r\n Description=\"Default rights given to applications on the local intranet\">\r\n <IPermission class=\"EnvironmentPermission\"\r\n version=\"1\"\r\n Read=\"USERNAME\"/>\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"AssemblyIsolationByUser\"\r\n UserQuota=\"9223372036854775807\"\r\n Expiry=\"9223372036854775807\"\r\n Permanent=\"True\"/>\r\n <IPermission class=\"ReflectionPermission\"\r\n version=\"1\"\r\n Flags=\"ReflectionEmit\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Assertion, Execution, BindingRedirects\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Unrestricted=\"true\"/>\r\n";
+ minimal_policy += " </PermissionSet>\r\n <PermissionSet class=\"NamedPermissionSet\"\r\n version=\"1\"\r\n Name=\"Internet\"\r\n Description=\"Default rights given to internet applications\">\r\n <IPermission class=\"FileDialogPermission\"\r\n version=\"1\"\r\n Access=\"Open\"/>\r\n <IPermission class=\"IsolatedStorageFilePermission\"\r\n version=\"1\"\r\n Allowed=\"DomainIsolationByUser\"\r\n UserQuota=\"10240\"/>\r\n <IPermission class=\"SecurityPermission\"\r\n version=\"1\"\r\n Flags=\"Execution\"/>\r\n <IPermission class=\"UIPermission\"\r\n version=\"1\"\r\n Window=\"SafeTopLevelWindows\"\r\n Clipboard=\"OwnClipboard\"/>\r\n </PermissionSet>\r\n </NamedPermissionSets>\r\n <CodeGroup class=\"FirstMatchCodeGroup\"\r\n version=\"1\"\r\n PermissionSetName=\"Nothing\">\r\n <IMembershipCondition class=\"AllMembershipCondition\"\r\n version=\"1\"/>\r\n </CodeGroup>\r\n <FullTrustAssemblies>\r\n <IMembershipCondition class=\"StrongNameMembershipCondition\"\r\n version=\"1\"\r\n PublicKeyBlob=\"00000000000000000400000000000000\"\r\n Name=\"System\"/>\r\n </FullTrustAssemblies>\r\n</PolicyLevel>\r\n";
minimal = Envelope (minimal_policy);
}
}
}
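Review bot: Nothing in SetUp records why the PrintingPermission, DnsPermission and EventLogPermission entries were dropped from `minimal_policy`, so a later edit could easily reintroduce them. Judging by the Description attributes, the removed classes are the ones declared in System.Drawing and System rather than mscorlib, which presumably relates to the GAC problem mentioned on the FromXml tests. A comment above the first assignment, for example `// only mscorlib permission classes: this policy must load without a GAC`, would document that constraint; the author should confirm the wording.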
[Test]
+ // Makes distcheck fail because there is no Mono installed into the prefix
+ // thus making the GAC not work...
+ [Category ("NotWorking")]
public void FromXml ()
{
PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();
}
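Review bot: Tagging FromXml (and FromXml_Invalid in the next hunk) as `NotWorking` files an environment limitation under a category that reads as "the implementation is broken", and it removes the PolicyLevel.FromXml checks from any run that excludes that category. If the only obstacle is the missing GAC during distcheck, as the added comment says, a dedicated category such as `[Category ("RequiresInstalledGac")]` (a suggested name, not an existing project category) would keep these tests running on installed setups. Only part of each test body is visible in the hunk.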
[Test]
+ // Makes distcheck fail because there is no Mono installed into the prefix
+ // thus making the GAC not work...
+ [Category ("NotWorking")]
[ExpectedException (typeof (ArgumentException))]
public void FromXml_Invalid ()
{
// static method
pl = PolicyLevel.CreateAppDomainLevel ();
Assert.AreEqual ("AppDomain", pl.Label, "Label.AppDomain");
- }
-
- [Test]
- public void Recover ()
- {
- // note: may be dangerous to test
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_LoadPolicyLevelFromFile ()\r
+ {\r
+ string temp = Path.GetTempFileName ();\r
+ using (FileStream fs = File.OpenWrite (temp)) {\r
+ // that way we're sure that no back exists\r
+ byte[] data = Encoding.UTF8.GetBytes (minimal);\r
+ fs.Write (data, 0, data.Length);\r
+ fs.Close ();\r
+ }\r
+ PolicyLevel pl = SecurityManager.LoadPolicyLevelFromFile (temp, PolicyLevelType.User);\r
+ pl.Recover ();\r
+ // can't recover if no backup exists\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_LoadPolicyLevelFromString ()
+ {\r
+ PolicyLevel pl = SecurityManager.LoadPolicyLevelFromString (minimal, PolicyLevelType.Enterprise);\r
+ pl.Recover ();\r
+ // can't recover as it's not file based\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (PolicyException))]\r
+ public void Recover_AppDomainLevel ()\r
+ {\r
+ PolicyLevel pl = PolicyLevel.CreateAppDomainLevel ();\r
+ pl.Recover ();\r
+ // can't recover as it's not file based\r
}
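Review bot: Recover_LoadPolicyLevelFromFile never deletes the file it creates with `Path.GetTempFileName ()`, so every run leaves a copy of the policy XML in the temp directory, and the expected PolicyException guarantees the method exits by throwing. Wrapping the load and `pl.Recover ()` in try/finally with `File.Delete (temp)` fixes that without changing what the test expects. The method-wide `[ExpectedException (typeof (PolicyException))]` is also satisfied if `LoadPolicyLevelFromFile` itself throws, so the test can pass without reaching Recover; the same applies to Recover_LoadPolicyLevelFromString. Separately, most of the added lines end in a carriage return while the surrounding context lines do not, which leaves the file with mixed line endings.

```csharp
public void Recover_LoadPolicyLevelFromFile ()
{
	string temp = Path.GetTempFileName ();
	try {
		// … unchanged: write the UTF-8 bytes of `minimal` to temp …
		PolicyLevel pl = SecurityManager.LoadPolicyLevelFromFile (temp, PolicyLevelType.User);
		// can't recover if no backup exists
		pl.Recover ();
	}
	finally {
		// the expected PolicyException must not leave the policy file behind
		File.Delete (temp);
	}
}
```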
[Test]
{
PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);
pl.RemoveNamedPermissionSet ("Mono");
- }
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_FullTrust_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("FullTrust");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_LocalIntranet_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("LocalIntranet");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Internet_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Internet");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_SkipVerification_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("SkipVerification");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Execution_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Execution");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Nothing_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Nothing");\r
+ }\r
+\r
+ [Test]\r
+ [ExpectedException (typeof (ArgumentException))]\r
+ public void RemoveNamedPermissionSet_Everything_ReservedName ()\r
+ {\r
+ PolicyLevel pl = Load (minimal, PolicyLevelType.Machine);\r
+ pl.RemoveNamedPermissionSet ("Everything");\r
+ }\r
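Review bot: RemoveNamedPermissionSet_Everything_ReservedName cannot tell a reserved-name rejection from an unknown-name one, because the policy built in SetUp defines FullTrust, SkipVerification, Execution, Nothing, LocalIntranet and Internet but no set named Everything (unless the Envelope helper, not visible here, adds it). The preceding `RemoveNamedPermissionSet ("Mono")` test appears to cover the unknown-name case already, so this test may pass for the wrong reason. Either add an `Everything` PermissionSet to the test policy or mark the limitation with `// "Everything" is not defined in minimal, so this also passes for an unknown name`. The seven tests differ only in the name passed, so a short comment on the first one stating that reserved sets must not be removable would document the intent for all of them.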
[Test]
public void Reset ()