2005-09-02 Sebastien Pouliot <sebastien@ximian.com>

	* SecurityManager.cs: Added AppDomain support in InheritanceDemand.
	Fixed some another small difference between 1.x and 2.0 (wrt
	unrestricted permissions). Fixed error reporting for InheritanceDemand
	(was LinkDemand).

svn path=/trunk/mcs/; revision=49347

diff --git a/mcs/class/corlib/System.Security/ChangeLog b/mcs/class/corlib/System.Security/ChangeLog
index f78ca4d3c0a4818c694dd76d940f2b7b0de7b25e..0fb43aa194d540f383fc965cb32b91ad08eae535 100644 (file)
--- a/mcs/class/corlib/System.Security/ChangeLog
+++ b/mcs/class/corlib/System.Security/ChangeLog
@@ -1,9 +1,13 @@
-2005-09-02  Sebastien Pouliot  <sebastien@ximian.com> 
-
+2005-09-02  Sebastien Pouliot  <sebastien@ximian.com>
+ 
        * CodeAccessPermission.cs: Fix Deny for permissions that do not return
        null for empty intersection (common on flags-based permissions).
        * PermissionBuilder.cs: Add an helper call to create an empty 
        (PermissionState.None) permission from a type.
+       * SecurityManager.cs: Added AppDomain support in InheritanceDemand. 
+       Fixed some another small difference between 1.x and 2.0 (wrt 
+       unrestricted permissions). Fixed error reporting for InheritanceDemand
+       (was LinkDemand).
 
 2005-06-30  Sebastien Pouliot  <sebastien@ximian.com> 
 

diff --git a/mcs/class/corlib/System.Security/SecurityManager.cs b/mcs/class/corlib/System.Security/SecurityManager.cs
index 6016ddeb37fd7bff1eea28c0e4abd7f0a9fa6078..a27d37ae7f0145da7fb6fc87c8462d0c8e25a4a8 100644 (file)
--- a/mcs/class/corlib/System.Security/SecurityManager.cs
+++ b/mcs/class/corlib/System.Security/SecurityManager.cs
@@ -216,8 +216,15 @@ namespace System.Security {
                        PermissionSet granted = ad.GrantedPermissionSet;
                        if (granted == null)
                                return null;
-                       if ((ad.GrantedPermissionSet.Count == 0) && ad.GrantedPermissionSet.IsUnrestricted ())
+#if NET_2_0
+                       if (granted.IsUnrestricted ())
+                               return null;
+#else
+                       if ((granted.Count == 0) && granted.IsUnrestricted ())
                                return null;
+#endif
+                       if (ps.IsUnrestricted ())
+                               return new SecurityPermission (SecurityPermissionFlag.NoFlags);
 
                        foreach (IPermission p in ps) {
                                if (p is CodeAccessPermission) {
@@ -807,7 +814,7 @@ namespace System.Security {
                                break;
                        }
 
-                       throw new SecurityException (message, an, granted, refused, method, SecurityAction.LinkDemand, null, null, null);
+                       throw new SecurityException (message, an, granted, refused, method, SecurityAction.InheritanceDemand, null, null, null);
                }
 
                // internal - get called by the class loader
@@ -815,7 +822,7 @@ namespace System.Security {
                // Called when
                // - class inheritance
                // - method overrides
-               private unsafe static bool InheritanceDemand (Assembly a, RuntimeDeclSecurityActions *actions)
+               private unsafe static bool InheritanceDemand (AppDomain ad, Assembly a, RuntimeDeclSecurityActions *actions)
                {
                        try {
                                PermissionSet ps = null;
@@ -823,10 +830,18 @@ namespace System.Security {
                                if (actions->cas.size > 0) {
                                        ps = Decode (actions->cas.blob, actions->cas.size);
                                        result = (SecurityManager.CheckPermissionSet (a, ps, false) == null);
+                                       if (result) {
+                                               // also check appdomain
+                                               result = (SecurityManager.CheckPermissionSet (ad, ps) == null);
+                                       }
                                }
                                if (actions->noncas.size > 0) {
                                        ps = Decode (actions->noncas.blob, actions->noncas.size);
                                        result = (SecurityManager.CheckPermissionSet (a, ps, true) == null);
+                                       if (result) {
+                                               // also check appdomain
+                                               result = (SecurityManager.CheckPermissionSet (ad, ps) == null);
+                                       }
                                }
 #if NET_2_0
                                // success if one of the permission is granted
@@ -836,7 +851,7 @@ namespace System.Security {
                                                result = false;
                                                foreach (PermissionSet pset in psc) {
                                                        if (SecurityManager.CheckPermissionSet (a, pset, false) == null) {
-                                                               result = true;
+                                                               result = (SecurityManager.CheckPermissionSet (ad, pset) == null);
                                                                break;
                                                        }
                                                }