16f6c0aecf
Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
75 lines
2.3 KiB
Plaintext
75 lines
2.3 KiB
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
----
|
|
using System.Threading;
|
|
using System.Security.Permissions;
|
|
using System.Security.Principal;
|
|
using System.IdentityModel.Tokens;
|
|
|
|
class SecurityPrincipalDemo
|
|
{
|
|
class MyIdentity : IIdentity // Sensitive, custom IIdentity implementations should be reviewed
|
|
{
|
|
// ...
|
|
}
|
|
|
|
class MyPrincipal : IPrincipal // Sensitive, custom IPrincipal implementations should be reviewed
|
|
{
|
|
// ...
|
|
}
|
|
[System.Security.Permissions.PrincipalPermission(SecurityAction.Demand, Role = "Administrators")] // Sensitive. The access restrictions enforced by this attribute should be reviewed.
|
|
static void CheckAdministrator()
|
|
{
|
|
WindowsIdentity MyIdentity = WindowsIdentity.GetCurrent(); // Sensitive
|
|
HttpContext.User = ...; // Sensitive: review all reference (set and get) to System.Web HttpContext.User
|
|
AppDomain domain = AppDomain.CurrentDomain;
|
|
domain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal); // Sensitive
|
|
MyIdentity identity = new MyIdentity(); // Sensitive
|
|
MyPrincipal MyPrincipal = new MyPrincipal(MyIdentity); // Sensitive
|
|
Thread.CurrentPrincipal = MyPrincipal; // Sensitive
|
|
domain.SetThreadPrincipal(MyPrincipal); // Sensitive
|
|
|
|
// All instantiation of PrincipalPermission should be reviewed.
|
|
PrincipalPermission principalPerm = new PrincipalPermission(null, "Administrators"); // Sensitive
|
|
principalPerm.Demand();
|
|
|
|
SecurityTokenHandler handler = ...;
|
|
// Sensitive: this creates an identity.
|
|
ReadOnlyCollection<ClaimsIdentity> identities = handler.ValidateToken(…);
|
|
}
|
|
|
|
// Sensitive: review how this function uses the identity and principal.
|
|
void modifyPrincipal(MyIdentity identity, MyPrincipal principal)
|
|
{
|
|
// ...
|
|
}
|
|
}
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
=== on 8 Oct 2018, 16:48:49 Nicolas Harraudeau wrote:
|
|
Out of scope for now:
|
|
|
|
* https://docs.microsoft.com/en-us/aspnet/core/security/authorization/introduction?view=aspnetcore-2.1[ASP.Net Core authorization mechanism]
|
|
|
|
endif::env-github,rspecator-view[]
|