Assert the permission of accessing the file system. in VS .NET

Making QR in VS .NET Assert the permission of accessing the file system.

Dim filePerm As New FileIOPermission(PermissionState.Unrestricted)

filePerm.Assert()

Dim sr As New StreamReader( c:\myapp\vars.ini )

33:

As for the PermitOnly and Deny methods, there can be only one active Assert in the current procedure at any given time. You must use the CodeAccessPermission.RevertAssert shared method before you can assert a different permission inside the same procedure. By default, only assemblies in the My_Computer_Zone and LocalIntranet_Zone code groups can call the Assert method because the permission set associated with these zones includes a SecurityPermission object with the Assertion flag enabled. As you might expect, an assembly can only assert a permission object that the assembly owns for example, an assembly from the local intranet can assert the permission for printing to the default printer and displaying UI elements, but it can t assert the right to enumerate types and methods via reflection. If your assembly calls unmanaged code via either PInvoke or COM Interop, you should assert an appropriate SecurityPermission object, as follows:

Dim secPerm As New SecurityPermission(SecurityPermissionFlags.UnmanagedCode)

secPerm.Assert()

If you fail to do this assertion, your assembly can t be used by untrusted code. In addi tion, if your assembly has a strong name, it must be marked with the AllowPartial lyTrustedCallers attribute, otherwise untrusted code won t be able to even load it. (See the Partially Trusted Assemblies section earlier in this chapter.) It s crucial that you use the Assert method judiciously. By asserting a permission you are claiming that callers can t trick your assembly into doing anything dangerous. Let s suppose you need to provide users with the ability to read and write files only in the C:\MyApp directory. You might be tempted to use the following approach:

Public Sub DeleteFile(ByVal filename As String) Ensure that filename begins with C:\MyApp\. If Not filename.ToLower().StartsWith( c:\myapp\ ) Then Throw New ArgumentException( Path not allowed ) End If Assert the right to access the file system. Dim filePerm As New FileIOPermission(PermissionState.Unrestricted) filePerm.Assert() Delete the file. File.Delete(filename) End Sub

Alas, a smart (and wicked) caller can delete a system file by providing a string argu ment that passes your validation test:

DeleteFile( C:\MyApp\..\Windows\Soap Bubbles.bmp )

Of course, you might suffer from problems far more serious than just losing your favor ite wallpaper. Here s a better approach, which is also more concise:

Part VII:

Public Sub DeleteFile(ByVal filename As String) Assert the right to access the C:\MyApp. Dim filePerm As New FileIOPermission(FileIOPermissionAccess.AllAccess, C:\MyApp ) filePerm.Assert() Delete the file. File.Delete(filename) End Sub

The Demand and Assert methods are often used together on the same permission object to improve the performance of your code. Let s say you are authoring a library that repeatedly accesses the file system from inside a method. Each time your assembly accesses a file, the .NET runtime must check the permission objects associated with your assembly, your caller, the caller of your caller, and so on. The greater the number of callers that are above your assembly in the stack, the longer this operation takes. You can reduce this overhead by demanding and then asserting a specific permission object:

Dim filePerm As New FileIOPermission(PermissionState.Unrestricted)

filePerm.Demand()

filePerm.Assert()

By demanding and then asserting a permission object, you are telling the .NET runtime, I checked that my callers have this permission, so you don t have to recheck them each time this resource is accessed.

The PermitOnly, Deny, and Demand methods can grant, deny, or demand one permis sion at a time. In real-world applications, however, an assembly typically accesses mul tiple resources for example, the registry, the file system, and the user interface. To work with such compound permission, you need to define a custom permission set:

Sub TestPermissionSet() Define three permission objects. Dim filePerm As New FileIOPermission(FileIOPermissionAccess.AllAccess, c:\myapp ) Dim regPerm As New RegistryPermission(PermissionState.Unrestricted) Dim uiPerm As New UIPermission(PermissionState.Unrestricted) Combine them in a permission set. Dim ps As New PermissionSet(PermissionState.None) ps.AddPermission(filePerm) ps.AddPermission(regPerm) ps.AddPermission(uiPerm) Permit only those actions, until the end of the procedure. ps.PermitOnly() The permission set is discarded when the procedure returns. End Sub

33: