2005-06-01 Sebastien Pouliot <sebastien@ximian.com>
authorSebastien Pouliot <sebastien@ximian.com>
Wed, 1 Jun 2005 18:52:56 +0000 (18:52 -0000)
committerSebastien Pouliot <sebastien@ximian.com>
Wed, 1 Jun 2005 18:52:56 +0000 (18:52 -0000)
* PermissionBuilder.cs: Removed unification stuff. This is done at a
lower level.
* SecurityManager.cs: Split loading PolicyLevel in two phases. The
PolicyHierarchy is now available after phase 1 which ensures we can
load permission from outside corlib.

svn path=/trunk/mcs/; revision=45305

mcs/class/corlib/System.Security/ChangeLog
mcs/class/corlib/System.Security/PermissionBuilder.cs
mcs/class/corlib/System.Security/SecurityManager.cs

index 5715e7d1b815be8d4040a1d3b91c2c4fa484203d..4df639320fbb40bb09c3d8df9568d08224153838 100755 (executable)
@@ -1,3 +1,11 @@
+2005-06-01  Sebastien Pouliot  <sebastien@ximian.com>
+
+       * PermissionBuilder.cs: Removed unification stuff. This is done at a 
+       lower level.
+       * SecurityManager.cs: Split loading PolicyLevel in two phases. The
+       PolicyHierarchy is now available after phase 1 which ensures we can
+       load permission from outside corlib.
+
 2005-05-28  Sebastien Pouliot  <sebastien@ximian.com>
 
        * HostSecurityManager.cs: Added check for ActivationArguments in 
index 669f6980e7793914eae85792a76da75c1089f7b0..8a1dff9287855f1d4ca90625fa3027a437df5728 100644 (file)
@@ -79,7 +79,7 @@ namespace System.Security {
 
                internal static IPermission CreatePermission (string fullname, SecurityElement se)
                {
-                       Type classType = GetUnifiedType (fullname);
+                       Type classType = Type.GetType (fullname);
                        if (classType == null) {
                                string msg = Locale.GetText ("Can't create an instance of permission class {0}.");
 #if NET_2_0
@@ -89,35 +89,11 @@ namespace System.Security {
 #endif
                        }
 
+                       // note: unification is handled in lower levels
+                       // http://blogs.msdn.com/shawnfa/archive/2004/08/05/209320.aspx
                        IPermission p = (IPermission) Activator.CreateInstance (classType, psNone);
                        p.FromXml (se);
                        return p;
                }
-
-               // http://blogs.msdn.com/shawnfa/archive/2004/08/05/209320.aspx
-               static internal Type GetUnifiedType (string fullname)
-               {
-                       // ensure that permission signed with ECMA or MS "final" key gets unified
-                       if (fullname.EndsWith (", PublicKeyToken=b03f5f7f11d50a3a") ||
-                           fullname.EndsWith (", PublicKeyToken=b77a5c561934e089")) {
-                               // public key token match, check versions
-#if NET_2_0
-                               if (fullname.IndexOf (", Version=2.0.0.0, ") < 0)
-                                       fullname = Unify (fullname, "2.0.0.0");
-#else
-                               if (fullname.IndexOf (", Version=1.0.5000.0, ") < 0)
-                                       fullname = Unify (fullname, "1.0.5000.0");
-#endif
-                       }
-
-                       return Type.GetType (fullname);
-               }
-
-               static internal string Unify (string fullname, string version)
-               {
-                       int vs = fullname.IndexOf (", Version=");
-                       int ve = fullname.IndexOf (",", vs + 10);
-                       return fullname.Substring (0, vs + 10) + version + fullname.Substring (ve);
-               }
        }
 }
index d53cb699aeb283483a6175303b606f880b1bbeb7..7fd46a62e5fcfe122c6c882d413a93b68b945c57 100644 (file)
@@ -216,6 +216,7 @@ namespace System.Security {
                        try {
                                pl = new PolicyLevel (type.ToString (), type);
                                pl.LoadFromFile (path);
+                               pl.Initialize ();
                        }
                        catch (Exception e) {
                                throw new ArgumentException (Locale.GetText ("Invalid policy XML"), e);
@@ -387,17 +388,26 @@ namespace System.Security {
                        // note: use InternalGetFolderPath to avoid recursive policy initialization
                        string userPolicyPath = Path.Combine (Environment.InternalGetFolderPath (Environment.SpecialFolder.ApplicationData), "mono");
 
-                       ArrayList al = new ArrayList ();
-                       al.Add (new PolicyLevel ("Enterprise", PolicyLevelType.Enterprise,
-                               Path.Combine (machinePolicyPath, "enterprisesec.config")));
-
-                       al.Add (new PolicyLevel ("Machine", PolicyLevelType.Machine,
-                               Path.Combine (machinePolicyPath, "security.config")));
+                       PolicyLevel enterprise = new PolicyLevel ("Enterprise", PolicyLevelType.Enterprise);
+                       PolicyLevel machine = new PolicyLevel ("Machine", PolicyLevelType.Machine);
+                       PolicyLevel user = new PolicyLevel ("User", PolicyLevelType.User);
 
-                       al.Add (new PolicyLevel ("User", PolicyLevelType.User,
-                               Path.Combine (userPolicyPath, "security.config")));
+                       enterprise.LoadFromFile (Path.Combine (machinePolicyPath, "enterprisesec.config"));
+                       machine.LoadFromFile (Path.Combine (machinePolicyPath, "security.config"));
+                       user.LoadFromFile (Path.Combine (userPolicyPath, "security.config"));
 
+                       ArrayList al = new ArrayList ();
+                       al.Add (enterprise);
+                       al.Add (machine);
+                       al.Add (user);
+                       // setting _hierarchy here allows for loading assemblies containing permissions
+                       // FIXME: we still need to enforce the FullTrust list
                        _hierarchy = ArrayList.Synchronized (al);
+
+                       // part II - creating the permission sets
+                       enterprise.Initialize ();
+                       machine.Initialize ();
+                       user.Initialize ();
                }
 
                internal static bool ResolvePolicyLevel (ref PermissionSet ps, PolicyLevel pl, Evidence evidence)