HostSecurityManager Class

Definition

Allows the control and customization of security behavior for application domains.

C#
public class HostSecurityManager
C#
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
public class HostSecurityManager
C#
[System.Runtime.InteropServices.ComVisible(true)]
[System.Serializable]
[System.Security.SecurityCritical]
public class HostSecurityManager
Inheritance
HostSecurityManager
Attributes

Examples

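The following example shows a very simple implementation of a HostSecurityManager. It attaches a custom evidence type to each loaded assembly and to the application domain, and its DetermineApplicationTrust override grants every application the permission set requested in its manifest without examining the activator evidence or the TrustManagerContext.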

C#
// To replace the default security manager with MySecurityManager, add the 
// assembly to the GAC and call MySecurityManager in the
// custom implementation of the AppDomainManager.

using System;
using System.Collections;
using System.Net;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.Security.Principal;
using System.Threading;
using System.Runtime.InteropServices;
using System.Runtime.Hosting;

[assembly: System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyNamespace
{
    [Serializable()]
    [SecurityPermissionAttribute(SecurityAction.Demand, Flags = SecurityPermissionFlag.Infrastructure)]
    public class MySecurityManager : HostSecurityManager
    {
        public MySecurityManager()
        {
            Console.WriteLine(" Creating MySecurityManager.");
        }

        private HostSecurityManagerOptions hostFlags = HostSecurityManagerOptions.HostDetermineApplicationTrust |
                                                   HostSecurityManagerOptions.HostAssemblyEvidence;
        public override HostSecurityManagerOptions Flags
        {
            get
            {
                return hostFlags;
            }
        }

        public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
        {
            Console.WriteLine("Provide assembly evidence for: " + (loadedAssembly == null ? "Unknown" : loadedAssembly.ToString()) + ".");
            if (evidence == null)
                return null;

            evidence.AddAssemblyEvidence(new CustomEvidenceType());
            return evidence;
        }
        public override Evidence ProvideAppDomainEvidence(Evidence evidence)
        {
            Console.WriteLine("Provide evidence for the " + AppDomain.CurrentDomain.FriendlyName + " AppDomain.");
            if (evidence == null)
                return null;

            evidence.AddHostEvidence(new CustomEvidenceType());
            return evidence;
        }

        [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
        [SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
        public override ApplicationTrust DetermineApplicationTrust(Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
        {
            if (applicationEvidence == null)
                throw new ArgumentNullException("applicationEvidence");

            // Get the activation context from the application evidence.
            // This HostSecurityManager does not examine the activator evidence
            // nor is it concerned with the TrustManagerContext;
            // it simply grants the requested grant in the application manifest.

            IEnumerator enumerator = applicationEvidence.GetHostEnumerator();
            ActivationArguments activationArgs = null;
            while (enumerator.MoveNext())
            {
                activationArgs = enumerator.Current as ActivationArguments;
                if (activationArgs != null)
                    break;
            }

            if (activationArgs == null)
                return null;

            ActivationContext activationContext = activationArgs.ActivationContext;
            if (activationContext == null)
                return null;

            ApplicationTrust trust = new ApplicationTrust(activationContext.Identity);
            ApplicationSecurityInfo asi = new ApplicationSecurityInfo(activationContext);
            trust.DefaultGrantSet = new PolicyStatement(asi.DefaultRequestSet, PolicyStatementAttribute.Nothing);
            trust.IsApplicationTrustedToRun = true;
            return trust;
        }
    }
    [Serializable()]
    public class CustomEvidenceType : EvidenceBase
    {
        public CustomEvidenceType() { }

        public override string ToString()
        {
            return "CustomEvidenceType";
        }
    }
}
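
Where a host should not take the manifest's request at face value, the grant can be capped. The following is an added example, not part of the documentation's sample: it trusts an application only when its requested permission set is a subset of a host-defined ceiling. CappedSecurityManager and the chosen ceiling are assumptions.

```csharp
using System;
using System.Collections;
using System.Runtime.Hosting;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
// Added example with hypothetical names; not the documentation's sample.
[Serializable]
public class CappedSecurityManager : HostSecurityManager
{
    // Assumed host ceiling: run code and show safe top-level windows, nothing else.
    private readonly PermissionSet maxGrant = new PermissionSet(PermissionState.None);

    public CappedSecurityManager()
    {
        maxGrant.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
        maxGrant.AddPermission(new UIPermission(UIPermissionWindow.SafeTopLevelWindows));
    }

    public override HostSecurityManagerOptions Flags
    {
        get { return HostSecurityManagerOptions.HostDetermineApplicationTrust; }
    }

    // Same declarative security as the page's sample.
    [SecurityPermissionAttribute(SecurityAction.Demand, Execution = true)]
    [SecurityPermissionAttribute(SecurityAction.Assert, Unrestricted = true)]
    public override ApplicationTrust DetermineApplicationTrust(
        Evidence applicationEvidence, Evidence activatorEvidence, TrustManagerContext context)
    {
        if (applicationEvidence == null)
            throw new ArgumentNullException("applicationEvidence");
        // Find the ActivationArguments in the host evidence, as the sample does.
        ActivationArguments args = null;
        IEnumerator e = applicationEvidence.GetHostEnumerator();
        while (args == null && e.MoveNext())
            args = e.Current as ActivationArguments;
        if (args == null || args.ActivationContext == null)
            return null;

        // A missing, unrestricted or over-broad request fails closed: no run, empty grant.
        PermissionSet requested = new ApplicationSecurityInfo(args.ActivationContext).DefaultRequestSet;
        bool withinCeiling = requested != null && requested.IsSubsetOf(maxGrant);
        ApplicationTrust trust = new ApplicationTrust(args.ActivationContext.Identity);
        trust.IsApplicationTrustedToRun = withinCeiling;
        PermissionSet grant = withinCeiling ? requested : new PermissionSet(PermissionState.None);
        trust.DefaultGrantSet = new PolicyStatement(grant);
        return trust;
    }
}
```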

Remarks

When you create a new AppDomain, the common language runtime queries the AppDomainManager for the presence of a HostSecurityManager, which participates in making security decisions for the AppDomain. Host providers should implement a host security manager that inherits from the HostSecurityManager class.

Notes to Inheritors

Some members of a HostSecurityManager are called whenever an assembly is loaded, either implicitly or explicitly. The ProvideAssemblyEvidence(Assembly, Evidence) and ProvideAppDomainEvidence(Evidence) methods must not load any assemblies, because doing so will result in the members of the HostSecurityManager being recursively called. To avoid circular references, you should create new instances of classes that can cause assemblies to be loaded, either implicitly or explicitly, in the constructor of a class that derives from HostSecurityManager.
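
An added example (not from the original documentation) of the two points above: an AppDomainManager that exposes the host security manager through its HostSecurityManager property, and a security manager that creates its evidence object in the constructor so that ProvideAssemblyEvidence does no loading of its own. HostTag, PreloadedSecurityManager and MyDomainManager are hypothetical names, and the assembly is assumed to be fully trusted (installed in the GAC).

```csharp
using System;
using System.Reflection;
using System.Security;
using System.Security.Policy;

// Added example with hypothetical names; not the documentation's sample.
[Serializable]
public class HostTag : EvidenceBase
{
    public override string ToString() { return "HostTag"; }
}

[Serializable]
public class PreloadedSecurityManager : HostSecurityManager
{
    // Created once, in the constructor, so the per-load callback below never
    // triggers a type or assembly load of its own (which would re-enter it).
    private readonly HostTag tag;

    public PreloadedSecurityManager() { tag = new HostTag(); }

    public override HostSecurityManagerOptions Flags
    {
        get { return HostSecurityManagerOptions.HostAssemblyEvidence; }
    }

    public override Evidence ProvideAssemblyEvidence(Assembly loadedAssembly, Evidence evidence)
    {
        if (evidence == null)
            return null;
        // AddAssemblyEvidence throws if this evidence type is already present.
        if (evidence.GetAssemblyEvidence<HostTag>() == null)
            evidence.AddAssemblyEvidence(tag);
        return evidence;
    }
}

public class MyDomainManager : AppDomainManager
{
    // Built when the domain manager is constructed, before the runtime asks for it.
    private readonly HostSecurityManager securityManager = new PreloadedSecurityManager();

    // The runtime reads this property to find the domain's host security manager.
    public override HostSecurityManager HostSecurityManager
    {
        get { return securityManager; }
    }
}
```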

Constructors

HostSecurityManager()

Initializes a new instance of the HostSecurityManager class.

Properties

DomainPolicy
Obsolete.

When overridden in a derived class, gets the security policy for the current application domain.

Flags

Gets the flag representing the security policy components of concern to the host.

Methods

DetermineApplicationTrust(Evidence, Evidence, TrustManagerContext)

Determines whether an application should be executed.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
GenerateAppDomainEvidence(Type)

Requests a specific evidence type for the application domain.

GenerateAssemblyEvidence(Type, Assembly)

Requests a specific evidence type for the assembly.

GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetHostSuppliedAppDomainEvidenceTypes()

Determines which evidence types the host can supply for the application domain, if requested.

GetHostSuppliedAssemblyEvidenceTypes(Assembly)

Determines which evidence types the host can supply for the assembly, if requested.

GetType()

Gets the Type of the current instance.

(Inherited from Object)
MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
ProvideAppDomainEvidence(Evidence)

Provides the application domain evidence for an assembly being loaded.

ProvideAssemblyEvidence(Assembly, Evidence)

Provides the assembly evidence for an assembly being loaded.

ResolvePolicy(Evidence)
Obsolete.

Determines what permissions to grant to code based on the specified evidence.

ToString()

Returns a string that represents the current object.

(Inherited from Object)

Applies to

Product Versions
.NET 8 (package-provided), 9 (package-provided)
.NET Framework 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 (package-provided), 4.7, 4.7.1 (package-provided), 4.7.1, 4.7.2 (package-provided), 4.7.2, 4.8 (package-provided), 4.8, 4.8.1
.NET Standard 2.0 (package-provided)
Windows Desktop 3.0, 3.1, 5, 6, 7, 8, 9