X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=blobdiff_plain;f=mcs%2Fclass%2Fcorlib%2FSystem.Security%2FSecurityManager.cs;h=6016ddeb37fd7bff1eea28c0e4abd7f0a9fa6078;hb=311746b41cf500aef15a68bf4a37bddcbba86ef4;hp=8fa6f986a549a4e1bb01fe872bfce4ed74c0314c;hpb=42062cff2de948ad32a3f95a0860b578fb17a4f5;p=mono.git diff --git a/mcs/class/corlib/System.Security/SecurityManager.cs b/mcs/class/corlib/System.Security/SecurityManager.cs index 8fa6f986a54..6016ddeb37f 100644 --- a/mcs/class/corlib/System.Security/SecurityManager.cs +++ b/mcs/class/corlib/System.Security/SecurityManager.cs @@ -99,7 +99,7 @@ namespace System.Security { // NOTE: This method doesn't show in the class library status page because // it cannot be "found" with the StrongNameIdentityPermission for ECMA key. // But it's there! - [MonoTODO] + [MonoTODO ("works for fulltrust (empty), documentation doesn't really make sense, type wise")] [StrongNameIdentityPermission (SecurityAction.LinkDemand, PublicKey = "0x00000000000000000400000000000000")] public static void GetZoneAndOrigin (out ArrayList zone, out ArrayList origin) { @@ -182,8 +182,18 @@ namespace System.Security { foreach (IPermission p in ps) { // note: this may contains non CAS permissions if ((!noncas) && (p is CodeAccessPermission)) { - if (!SecurityManager.IsGranted (a, p)) +#if NET_2_0 + if (!IsGranted (a, p)) return p; +#else + if (p is IUnrestrictedPermission) { + if (!IsGranted (a, p)) + return p; + } else { + if (!IsGrantedRestricted (a, p)) + return p; + } +#endif } else { // but non-CAS will throw on failure... try { @@ -292,24 +302,11 @@ namespace System.Security { ResolveIdentityPermissions (ps, evidence); - // do we have the right to execute ? - if (CheckExecutionRights) { - // unless we have "Full Trust"... - if (!ps.IsUnrestricted ()) { - // ... we need to find a SecurityPermission - IPermission security = ps.GetPermission (typeof (SecurityPermission)); - if (!_execution.IsSubsetOf (security)) { - throw new PolicyException (Locale.GetText ( - "Policy doesn't grant the right to execute to the assembly.")); - } - } - } - return ps; } #if NET_2_0 - [MonoTODO ("more tests are needed")] + [MonoTODO ("(2.0) more tests are needed")] public static PermissionSet ResolvePolicy (Evidence[] evidences) { if ((evidences == null) || (evidences.Length == 0) || @@ -349,7 +346,6 @@ namespace System.Security { static private SecurityPermission _execution = new SecurityPermission (SecurityPermissionFlag.Execution); - [MonoTODO()] public static PermissionSet ResolvePolicy (Evidence evidence, PermissionSet reqdPset, PermissionSet optPset, PermissionSet denyPset, out PermissionSet denied) { PermissionSet resolved = ResolvePolicy (evidence); @@ -359,6 +355,27 @@ namespace System.Security { "Policy doesn't grant the minimal permissions required to execute the assembly.")); } + // do we check for execution rights ? + if (CheckExecutionRights) { + bool execute = false; + // an empty permissionset doesn't include Execution + if (resolved != null) { + // unless we have "Full Trust"... + if (resolved.IsUnrestricted ()) { + execute = true; + } else { + // ... we need to find a SecurityPermission + IPermission security = resolved.GetPermission (typeof (SecurityPermission)); + execute = _execution.IsSubsetOf (security); + } + } + + if (!execute) { + throw new PolicyException (Locale.GetText ( + "Policy doesn't grant the right to execute the assembly.")); + } + } + denied = denyPset; return resolved; }