Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

securitymanager.policyhierarchy() is obsolete, what is its replacement?

Tags:

c#

.net

mono

SecurityManager.PolicyHierarchy() produces a warning about being obsolete, but I am unable to find what method it is replaced by or how to replace it when used to compare received and present policy levels.

E.g.

SecEnumerator levelEnumerator = SecurityManager.PolicyHierarchy();
while (levelEnumerator.MoveNext())
{
 PolicyLevel Seclevel = levelEnumerator.Current as PolicyLevel;
 if (Seclevel == Init.Seclevel)
 {
      return;
 }
}

For such an application what other method should be used now?

like image 447
user2280032 Avatar asked Jan 28 '19 06:01

user2280032

1 Answers

There is no replacement.

As you can see in the documentation page of SecurityManager in MSDN, all and every method related to policies are obsolete. The reason for that is the fact that Policies are now removed from CAS (well, since .Net4). To read more about this check here:

Summary of Changes in Code Access Security

That being said, in the description of this warning there is a good link that provides you with the necessary information required to change your code and suggest possible alternatives:

Code Access Security Policy Compatibility and Migration

Migration: Replacement for Obsolete Calls

To help you better we need to know what you are exactly trying to achieve here. Describe your goal and we might be able to suggest an alternate or replacement.

Based on your comment it seems that what you are trying to do is to sandbox a piece of user-inserted code (as you put it) and limit its access. This is not the what CAS should be used for. In fact, there is a clear warning about this type of usages in here:

Code Access Security in .NET Framework should not be used as a mechanism for enforcing security boundaries based on code origination or other identity aspects.

Your code probably should be refactored in a way to retrieve the permissions required by a piece of code using the provided Evidence (being strong name or url, etc) by the SecurityManager.GetStandardSandbox(Evidence) method and then use the returned permissions to load the assembly in a new sandboxed AppDomain using the CreateDomain(String, Evidence, AppDomainSetup, PermissionSet, StrongName[]) method. You can also change these permissions before creating a new domain to have more control over the execution of the code. Following article can help you refactor your application:

How to: Run Partially Trusted Code in a Sandbox

In other words, there are no policies anymore, but you can define, retrieve and execute your code under a specific PermissionSet.

like image 134
Soroush Falahati Avatar answered Nov 10 '22 02:11

Soroush Falahati
Sign in to Comment

Related questions

How to copy home directory file into new persistent volume with Kubernetes?
How to align legend symbol with wrapped legend text on ggplot2
Docker COPY all files and folders except some files/folders
Appengine - tmp/ filesytem error when uploading a file
Getting access to a Stack Exchange user's `about_me` data via API?
How to cache layer activations in Keras?
How to validate ion-datetime tag in Ionic 4 app?
How to find all connected subgraph of a graph in networkx?
Is there a way to get Current User in Api Controller
how to pass 'auth' or 'profile' object to firestoreConnect() with react-redux-firebase?
SSML Actions on Google, change speaking language
Make EF Core 2 work with a getter only property without a backing field

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!