[Mono-bugs] [Bug 72146][Wis] New - Implement Exception.StackTrace in managed code

bugzilla-daemon@bugzilla.ximian.com bugzilla-daemon@bugzilla.ximian.com
Wed, 2 Feb 2005 17:21:08 -0500 (EST)

Previous message: [Mono-bugs] [Bug 72123][Wis] Changed - String IndexOfLast is broken for some input strings
Next message: [Mono-bugs] [Bug 72147][Nor] New - monodis crashes on 2.0 mscorlib
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by sebastien@ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=72146

--- shadow/72146	2005-02-02 17:21:08.000000000 -0500
+++ shadow/72146.tmp.6807	2005-02-02 17:21:08.000000000 -0500
@@ -0,0 +1,55 @@
+Bug#: 72146
+Product: Mono: Class Libraries
+Version: 1.1
+OS: All
+OS Details: 
+Status: NEW   
+Resolution: 
+Severity: 
+Priority: Wishlist
+Component: CORLIB
+AssignedTo: mono-bugs@ximian.com                            
+ReportedBy: sebastien@ximian.com               
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL: 
+Cc: 
+Summary: Implement Exception.StackTrace in managed code
+
+Description of Problem:
+
+The current code for Exception.StackTrace is an icall that return a string.
+This makes it impossible to restrict access to the path/filename
+informations that can be part of the stack trace.
+
+This is required to implement CAS as code without FileIOPermission
+PathDiscovery shouldn't be able to get a stack trace containing filenames.
+
+The managed StackFrame code is already coded to throw a SecurityException
+if the code tries to get the path/filename information without the correct
+permissions.
+
+
+Steps to reproduce the problem:
+See CAS unit tests in /mcs/class/corlib/Test/System/ExceptionCas.cs
+
+
+Actual Results:
+a string containing path/filename for which the assembly isn't granted
+PathDiscovery (i.e. we're leaking informations).
+
+
+Expected Results:
+SecurityException if the FileIOPermission PathDiscovery is restricted for
+one of the assemblies location.
+
+
+How often does this happen? 
+Always when using --security.
+
+
+Additional Information:
+* Note that this isn't as simple as to throw a SecurityException if a stack
+trace is required. The exception must be thrown only if the PathDiscovery
+is restricted for the path/filename used by one (or more) assemblies in the
+stack.

Previous message: [Mono-bugs] [Bug 72123][Wis] Changed - String IndexOfLast is broken for some input strings
Next message: [Mono-bugs] [Bug 72147][Nor] New - monodis crashes on 2.0 mscorlib
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]