Csharp/CSharp Tutorial/Security/PermissionSet

Declarative security demands

<source lang="csharp">using System; using System.Collections.Generic; using System.IO; using System.IO.IsolatedStorage; using System.Net; using System.Net.Sockets; using System.Reflection; using System.Security; using System.Security.AccessControl; using System.Security.Policy; using System.Security.Permissions; using System.Security.Principal; using System.Text; public class MainClass {

   public static void Main()
   {
       AppDomain sandboxAd;
       Evidence ev = new Evidence();
       ev.AddAssembly(Assembly.GetExecutingAssembly());
       PermissionSet permSet = new PermissionSet(PermissionState.None);
       permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
       permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
       sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
       sandboxAd.DoCallBack(SecureOperationDeclarative);        
   }
   [FileIOPermission(SecurityAction.Demand, Read=@"C:\")]
   private static void SecureOperationDeclarative(){
       
   }

}</source>

Imperative security demands

<source lang="csharp">using System; using System.Collections.Generic; using System.IO; using System.IO.IsolatedStorage; using System.Net; using System.Net.Sockets; using System.Reflection; using System.Security; using System.Security.AccessControl; using System.Security.Policy; using System.Security.Permissions; using System.Security.Principal; using System.Text; public class MainClass {

   public static void Main()
   {
       AppDomain sandboxAd;
       Evidence ev = new Evidence();
       ev.AddAssembly(Assembly.GetExecutingAssembly());
       PermissionSet permSet = new PermissionSet(PermissionState.None);
       permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
       permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
       sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
       sandboxAd.DoCallBack(SecureOperationImperative);
   }
   private static void SecureOperationImperative()
   {
       FileIOPermission p = new FileIOPermission(FileIOPermissionAccess.Read, @"C:\");
       p.Demand();
   }

}</source>

Sand-boxing protected operations

<source lang="csharp">using System; using System.Collections.Generic; using System.IO; using System.IO.IsolatedStorage; using System.Net; using System.Net.Sockets; using System.Reflection; using System.Security; using System.Security.AccessControl; using System.Security.Policy; using System.Security.Permissions; using System.Security.Principal; using System.Text; public class MainClass {

   public static void Main()
   {
       AppDomain sandboxAd;
       Evidence ev = new Evidence();
       ev.AddAssembly(Assembly.GetExecutingAssembly());
       PermissionSet permSet = new PermissionSet(PermissionState.None);
       permSet.AddPermission(new SecurityPermission(PermissionState.Unrestricted));
       permSet.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
       permSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted));
       sandboxAd = AppDomain.CreateDomain("Sandbox", ev, new AppDomainSetup(), permSet);
       sandboxAd.DoCallBack(delegate
       {
           byte[] fileContents = File.ReadAllBytes(@"C:\test.txt");
           Socket s = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.IPv4);
           s.Connect("http://www.nfex.ru/", 80);
           s.Send(fileContents);
           s.Close();
       });
       
   }

}</source>

Csharp/CSharp Tutorial/Security/PermissionSet

Declarative security demands

Imperative security demands

Sand-boxing protected operations

Навигация

Персональные инструменты

Пространства имён

Варианты

Просмотры

Ещё

Поиск

Разделы

Инструменты

Навигация