public interface IStackWalk
|
The common language runtime protects managed code from these attacks by running a stack walk on all calls. The stack walk requires that all code in the call stack has permission to access a protected resource. Because the code attempting the attack will always be somewhere in the call stack, it will be unable to exceed its own security permissions.
| Assert | Asserts that the calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource. |
| Demand | Determines at run time whether all callers in the call stack have been granted the permission specified by the current permission object. |
| Deny | Causes every IStackWalk.Demand for the current object that passes through the calling code to fail. |
| PermitOnly | Causes every IStackWalk.Demand for all objects except the current one that passes through the calling code to fail, even if code higher in the call stack has been granted permission to access other resources. |
void Assert(); |
| Exception Type | Condition |
|---|---|
| SecurityException | The calling code does not have SecurityPermissionFlag.Assertion. |
A call to IStackWalk.Assert is effective until the calling code returns to its caller or until a subsequent call to IStackWalk.Assert renders the previous assertion ineffective. Also, CodeAccessPermission.RevertAssert or CodeAccessPermission.RevertAll removes a pending IStackWalk.Assert.
IStackWalk.Assert is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack calls IStackWalk.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call IStackWalk.Assert. This happens because the code that called IStackWalk.Assert has not been granted the permission, even though it tried to IStackWalk.Assert it.
Because calling IStackWalk.Assert removes the requirement that all code in the call chain must be granted permission to access the specified resource, it can open up security vulnerabilities if used incorrectly or inappropriately. Therefore, it should be used with great caution.
void Demand(); |
| Exception Type | Condition |
|---|---|
| SecurityException | A caller higher in the call stack does not have the permission specified by the current permission object. -or- A caller in the call stack has called IStackWalk.Deny on the current permission object. |
The permissions of the code that calls this method are not examined; the check begins from the immediate caller of that code and proceeds up the stack. IStackWalk.Demand succeeds only if no SecurityException is raised.
void Deny(); |
IStackWalk.Deny can limit the liability of the programmer or prevent accidental security vulnerabilities because it prevents the method that calls IStackWalk.Deny from being used to access the resource protected by the denied permission. If a method calls IStackWalk.Deny on a permission, and if a IStackWalk.Demand for that permission is invoked by a caller lower in the call stack, that security check will fail when it reaches the IStackWalk.Deny.
IStackWalk.Deny is ignored for a permission not granted because a demand for that permission will not succeed.
void PermitOnly(); |
IStackWalk.PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. However, if code lower on the call stack later calls IStackWalk.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call IStackWalk.PermitOnly. This is because the code that called IStackWalk.PermitOnly has not been granted the permission, even though it called IStackWalk.PermitOnly for that permission. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.