Csharp/CSharp Tutorial/Security/PermissionSet

Материал из .Net Framework эксперт
Перейти к: навигация, поиск

Declarative security demands

using System;
using System.Collections.Generic;
using System.IO;
using System.IO.IsolatedStorage;
using System.Net;
using System.Net.Sockets;
using System.Reflection;
using System.Security;
using System.Security.AccessControl;
using System.Security.Policy;
using System.Security.Permissions;
using System.Security.Principal;
using System.Text;
public class MainClass
{
    public static void Main()
    {
        AppDomain sandboxAd;
        Evidence ev = new Evidence();
        ev.AddAssembly(Assembly.GetExecutingAssembly());
        PermissionSet permSet = new PermissionSet(PermissionState.None);
        permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
        permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
        sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
        sandboxAd.DoCallBack(SecureOperationDeclarative);        
    }
    [FileIOPermission(SecurityAction.Demand, Read=@"C:\")]
    private static void SecureOperationDeclarative(){
        
    }
}

Imperative security demands

using System;
using System.Collections.Generic;
using System.IO;
using System.IO.IsolatedStorage;
using System.Net;
using System.Net.Sockets;
using System.Reflection;
using System.Security;
using System.Security.AccessControl;
using System.Security.Policy;
using System.Security.Permissions;
using System.Security.Principal;
using System.Text;
public class MainClass
{
    public static void Main()
    {
        AppDomain sandboxAd;
        Evidence ev = new Evidence();
        ev.AddAssembly(Assembly.GetExecutingAssembly());
        PermissionSet permSet = new PermissionSet(PermissionState.None);
        permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
        permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
        sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
        sandboxAd.DoCallBack(SecureOperationImperative);
    }
    private static void SecureOperationImperative()
    {
        FileIOPermission p = new FileIOPermission(FileIOPermissionAccess.Read, @"C:\");
        p.Demand();
    }
}

Sand-boxing protected operations

using System;
using System.Collections.Generic;
using System.IO;
using System.IO.IsolatedStorage;
using System.Net;
using System.Net.Sockets;
using System.Reflection;
using System.Security;
using System.Security.AccessControl;
using System.Security.Policy;
using System.Security.Permissions;
using System.Security.Principal;
using System.Text;
public class MainClass
{
    public static void Main()
    {
        AppDomain sandboxAd;
        Evidence ev = new Evidence();
        ev.AddAssembly(Assembly.GetExecutingAssembly());
        PermissionSet permSet = new PermissionSet(PermissionState.None);
        permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
        permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
        permSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
        sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
        sandboxAd.DoCallBack(delegate
        {
            byte[] fileContents = File.ReadAllBytes(@"C:\test.txt");
            Socket s = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.IPv4);
            s.Connect("http://www.nfex.ru/", 80);
            s.Send(fileContents);
            s.Close();
        });
        
    }
}
Источник — «http://nfex.ru/index.php?title=Csharp/CSharp_Tutorial/Security/PermissionSet&oldid=6023»