Imported Upstream version 3.6.0

Former-commit-id: da6be194a6b1221998fc28233f2503bd61dd9d14

mcs/class/corlib/System.Security.AccessControl/AccessControlActions.cs

@@ -0,0 +1,38 @@
+//
+// System.Security.AccessControl.AccessControlActions enum
+//
+// Author:
+//	Sebastien Pouliot  <sebastien@ximian.com>
+//
+// Copyright (C) 2004-2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+
+	[Flags]
+	public enum AccessControlActions {
+		None = 0,
+		View = 1,
+		Change = 2
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AccessControlModification.cs

@@ -0,0 +1,39 @@
+//
+// System.Security.AccessControl.AccessControlModification enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	public enum AccessControlModification {
+		Add = 0,
+		Set = 1,
+		Reset = 2,
+		Remove = 3,
+		RemoveAll = 4,
+		RemoveSpecific = 5,
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AccessControlSections.cs

@@ -0,0 +1,41 @@
+//
+// System.Security.AccessControl.AccessControlSections enum
+//
+// Author:
+//	Sebastien Pouliot  <sebastien@ximian.com>
+//
+// Copyright (C) 2005 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+
+namespace System.Security.AccessControl {
+
+	[Flags]
+	public enum AccessControlSections {
+		None,
+		Audit = 1,
+		Access = 2,
+		Owner = 4,
+		Group = 8,
+		All = Audit | Access | Owner | Group
+	}
+}

mcs/class/corlib/System.Security.AccessControl/AccessControlType.cs

@@ -0,0 +1,34 @@
+//
+// System.Security.AccessControl.AccessControlType enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	public enum AccessControlType {
+		Allow = 0,
+		Deny = 1
+	}
+}

mcs/class/corlib/System.Security.AccessControl/AccessRule.cs

@@ -0,0 +1,61 @@
+//
+// System.Security.AccessControl.AccessRule implementation
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Security.Principal;
+
+namespace System.Security.AccessControl {
+	public abstract class AccessRule : AuthorizationRule
+	{
+		AccessControlType type;
+		
+		protected AccessRule (IdentityReference identity,
+				      int accessMask,
+				      bool isInherited,
+				      InheritanceFlags inheritanceFlags,
+				      PropagationFlags propagationFlags,
+				      AccessControlType type)
+			: base (identity, accessMask, isInherited,
+				inheritanceFlags, propagationFlags)
+		{
+			if (type < AccessControlType.Allow ||
+			    type > AccessControlType.Deny) {
+				throw new ArgumentException ("Invalid access control type.", "type");
+			}
+		
+			this.type = type;
+		}
+
+		public AccessControlType AccessControlType
+		{
+			get {
+				return(type);
+			}
+		}
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AccessRule_T.cs

@@ -0,0 +1,70 @@
+// System.Security.AccessControl.AccessRule<T>
+//
+// Copyright 2012 James F. Bellinger
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+#if NET_4_0
+
+using System;
+using System.Security.Principal;
+
+namespace System.Security.AccessControl
+{
+	public class AccessRule<T> : AccessRule where T : struct
+	{
+		public AccessRule (string identity, T rights, AccessControlType type)
+			: this (new NTAccount (identity), rights, type)
+		{
+
+		}
+
+		public AccessRule (IdentityReference identity, T rights, AccessControlType type)
+			: this (identity, rights, InheritanceFlags.None, PropagationFlags.None, type)
+		{
+
+		}
+
+		public AccessRule (string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
+			: this (new NTAccount (identity), rights, inheritanceFlags, propagationFlags, type)
+		{
+
+		}
+
+		public AccessRule (IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
+			: this (identity, (int)(object)rights, false, inheritanceFlags, propagationFlags, type)
+		{
+
+		}
+
+		internal AccessRule (IdentityReference identity, int rights, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AccessControlType type)
+			: base (identity, rights, isInherited, inheritanceFlags, propagationFlags, type)
+		{
+
+		}
+
+		public T Rights {
+			get { return (T)(object)AccessMask; }
+		}
+	}
+}
+
+#endif
+

mcs/class/corlib/System.Security.AccessControl/AceEnumerator.cs

@@ -0,0 +1,65 @@
+//
+// System.Security.AccessControl.AceEnumerator implementation
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//	Atsushi Enomoto  <atsushi@ximian.com>
+//
+// Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Collections;
+
+namespace System.Security.AccessControl {
+	public sealed class AceEnumerator : IEnumerator
+	{
+		GenericAcl owner;
+		int current = -1;
+
+		internal AceEnumerator (GenericAcl owner)
+		{
+			this.owner = owner;
+		}
+
+		public GenericAce Current {
+			get { return current < 0 ? null : owner [current]; }
+		}
+
+		object IEnumerator.Current {
+			get { return Current; }
+		}
+		
+		public bool MoveNext ()
+		{
+			if (current + 1 == owner.Count)
+				return false;
+			current++;
+			return true;
+		}
+		
+		public void Reset ()
+		{
+			current = -1;
+		}
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AceFlags.cs

@@ -0,0 +1,44 @@
+//
+// System.Security.AccessControl.AceFlags enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	[Flags]
+	public enum AceFlags : byte {
+		None = 0,
+		ObjectInherit = 0x01,
+		ContainerInherit = 0x02,
+		NoPropagateInherit = 0x04,
+		InheritOnly = 0x08,
+		InheritanceFlags = ObjectInherit | ContainerInherit | NoPropagateInherit | InheritOnly,
+		Inherited = 0x10,
+		SuccessfulAccess = 0x40,
+		FailedAccess = 0x80,
+		AuditFlags = SuccessfulAccess | FailedAccess,
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AceQualifier.cs

@@ -0,0 +1,37 @@
+//
+// System.Security.AccessControl.AceQualifier enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	public enum AceQualifier {
+		AccessAllowed = 0,
+		AccessDenied = 1,
+		SystemAudit = 2,
+		SystemAlarm = 3,
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AceType.cs

@@ -0,0 +1,51 @@
+//
+// System.Security.AccessControl.AceType enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	public enum AceType {
+		AccessAllowed = 0,
+		AccessDenied = 1,
+		SystemAudit = 2,
+		SystemAlarm = 3,
+		AccessAllowedCompound = 4,
+		AccessAllowedObject = 5,
+		AccessDeniedObject = 6,
+		SystemAuditObject = 7,
+		SystemAlarmObject = 8,
+		AccessAllowedCallback = 9,
+		AccessDeniedCallback = 10,
+		AccessAllowedCallbackObject = 11,
+		AccessDeniedCallbackObject = 12,
+		SystemAuditCallback = 13,
+		SystemAlarmCallback = 14,
+		SystemAuditCallbackObject = 15,
+		SystemAlarmCallbackObject = 16,
+		MaxDefinedAceType = 16,
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AuditFlags.cs

@@ -0,0 +1,37 @@
+//
+// System.Security.AccessControl.AuditFlags enum
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+namespace System.Security.AccessControl {
+	[Flags]
+	public enum AuditFlags {
+		None = 0,
+		Success = 1,
+		Failure = 2,
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AuditRule.cs

@@ -0,0 +1,58 @@
+//
+// System.Security.AccessControl.AuditRule implementation
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Security.Principal;
+
+namespace System.Security.AccessControl {
+	public abstract class AuditRule : AuthorizationRule
+	{
+		AuditFlags auditFlags;
+		
+		protected AuditRule (IdentityReference identity,
+				     int accessMask,
+				     bool isInherited,
+				     InheritanceFlags inheritanceFlags,
+				     PropagationFlags propagationFlags,
+				     AuditFlags auditFlags)
+			: base (identity, accessMask, isInherited,
+				inheritanceFlags, propagationFlags)
+		{
+			if (auditFlags != ((AuditFlags.Success | AuditFlags.Failure) & auditFlags))
+				throw new ArgumentException ("Invalid audit flags.", "auditFlags");
+
+			this.auditFlags = auditFlags;
+		}
+		
+		public AuditFlags AuditFlags
+		{
+			get {
+				return(auditFlags);
+			}
+		}
+	}
+}

mcs/class/corlib/System.Security.AccessControl/AuditRule_T.cs

@@ -0,0 +1,70 @@
+// System.Security.AccessControl.AuditRule<T>
+//
+// Copyright 2012 James F. Bellinger
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+#if NET_4_0
+
+using System;
+using System.Security.Principal;
+
+namespace System.Security.AccessControl
+{
+	public class AuditRule<T> : AuditRule where T : struct
+	{
+		public AuditRule (string identity, T rights, AuditFlags flags)
+			: this (new NTAccount (identity), rights, flags)
+		{
+
+		}
+
+		public AuditRule (IdentityReference identity, T rights, AuditFlags flags)
+			: this (identity, rights, InheritanceFlags.None, PropagationFlags.None, flags)
+		{
+
+		}
+
+		public AuditRule (string identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
+			: this (new NTAccount (identity), rights, inheritanceFlags, propagationFlags, flags)
+		{
+
+		}
+
+		public AuditRule (IdentityReference identity, T rights, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
+			: this (identity, (int)(object)rights, false, inheritanceFlags, propagationFlags, flags)
+		{
+
+		}
+
+		internal AuditRule (IdentityReference identity, int rights, bool isInherited, InheritanceFlags inheritanceFlags, PropagationFlags propagationFlags, AuditFlags flags)
+			: base (identity, rights, isInherited, inheritanceFlags, propagationFlags, flags)
+		{
+
+		}
+
+		public T Rights {
+			get { return (T)(object)AccessMask; }
+		}
+	}
+}
+
+#endif
+

mcs/class/corlib/System.Security.AccessControl/AuthorizationRule.cs

@@ -0,0 +1,111 @@
+//
+// System.Security.AccessControl.AuthorizationRule implementation
+//
+// Authors:
+//	Dick Porter  <dick@ximian.com>
+//	Atsushi Enomoto  <atsushi@ximian.com>
+//
+// Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Security.Principal;
+
+namespace System.Security.AccessControl {
+	public abstract class AuthorizationRule
+	{
+		IdentityReference identity;
+		int accessMask;
+		bool isInherited;
+		InheritanceFlags inheritanceFlags;
+		PropagationFlags propagationFlags;
+		
+		internal AuthorizationRule ()
+		{
+			/* Give it a 0-param constructor */
+		}
+		
+		protected internal AuthorizationRule (IdentityReference identity,
+						      int accessMask, bool isInherited,
+						      InheritanceFlags inheritanceFlags,
+						      PropagationFlags propagationFlags)
+		{
+			if (null == identity)
+				throw new ArgumentNullException ("identity");
+				
+			if (!(identity is SecurityIdentifier) && !(identity is NTAccount))
+				throw new ArgumentException ("identity");
+
+			// Unit testing showed that MS.NET 4.0 actually throws ArgumentException
+			// for accessMask == 0, not the ArgumentOutOfRangeException specified.			
+			if (accessMask == 0)
+				throw new ArgumentException ("accessMask");
+
+			if (0 != (inheritanceFlags & ~(InheritanceFlags.ContainerInherit|InheritanceFlags.ObjectInherit)))
+				throw new ArgumentOutOfRangeException ();
+
+			if (0 != (propagationFlags & ~(PropagationFlags.NoPropagateInherit|PropagationFlags.InheritOnly)))
+				throw new ArgumentOutOfRangeException ();
+			
+			this.identity = identity;
+			this.accessMask = accessMask;
+			this.isInherited = isInherited;
+			this.inheritanceFlags = inheritanceFlags;
+			this.propagationFlags = propagationFlags;
+		}
+
+		public IdentityReference IdentityReference
+		{
+			get {
+				return(identity);
+			}
+		}
+		
+		public InheritanceFlags InheritanceFlags
+		{
+			get {
+				return(inheritanceFlags);
+			}
+		}
+
+		public bool IsInherited
+		{
+			get {
+				return(isInherited);
+			}
+		}
+
+		public PropagationFlags PropagationFlags
+		{
+			get {
+				return(propagationFlags);
+			}
+		}
+
+		protected internal int AccessMask
+		{
+			get {
+				return(accessMask);
+			}
+		}
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/AuthorizationRuleCollection.cs

@@ -0,0 +1,51 @@
+//
+// System.Security.AccessControl.AuthorizationRuleCollection implementation
+//
+// Authors:
+//	Dick Porter  <dick@ximian.com>
+//	Atsushi Enomoto  <atsushi@ximian.com>
+//
+// Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Collections;
+
+namespace System.Security.AccessControl
+{
+	public sealed class AuthorizationRuleCollection : ReadOnlyCollectionBase
+	{
+		internal AuthorizationRuleCollection (AuthorizationRule [] rules)
+		{
+			InnerList.AddRange (rules);
+		}
+
+		public AuthorizationRule this [int index] {
+			get { return (AuthorizationRule) InnerList [index]; }
+		}
+
+		public void CopyTo (AuthorizationRule[] rules, int index)
+		{
+			InnerList.CopyTo (rules, index);
+		}
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/ChangeLog

@@ -0,0 +1,92 @@
+2012-06-30  James Bellinger  <jfb@zer7.com>
+
+	* AccessRule_T.cs AuditRule_T.cs: Implemented .NET 4.0 generic
+	versions of AccessRule and AuditRule.
+	* ObjectSecurity_T.cs: Type returns are now correct.
+
+2009-08-29  Zoltan Varga  <vargaz@gmail.com>
+
+	* ObjectSecurity_T.cs: New file, empty stub for new net 4.0 class.
+
+2008-07-02  Andreas Nahr  <ClassDevelopment@A-SoftTech.com>
+
+	* MutexAccessRule.cs:
+	* MutexAuditRule.cs: Fix parameter names
+
+2008-04-02  Andreas Nahr  <ClassDevelopment@A-SoftTech.com>
+
+	* CompoundAce.cs: Fix parameter names
+
+2007-09-21  Atsushi Enomoto  <atsushi@ximian.com>
+
+	* AccessRule.cs AceEnumerator.cs AuditRule.cs AuthorizationRule.cs
+	  AuthorizationRuleCollection.cs CommonAce.cs CommonAcl.cs
+	  CommonObjectSecurity.cs CompoundAce.cs CryptoKeyAccessRule.cs
+	  CryptoKeyAuditRule.cs CryptoKeySecurity.cs CustomAce.cs
+	  DirectoryObjectSecurity.cs DirectorySecurity.cs
+	  DiscretionaryAcl.cs EventWaitHandleAccessRule.cs
+	  EventWaitHandleAuditRule.cs EventWaitHandleSecurity.cs
+	  FileSecurity.cs FileSystemAccessRule.cs FileSystemAuditRule.cs
+	  FileSystemSecurity.cs GenericAce.cs GenericAcl.cs KnownAce.cs
+	  MutexAccessRule.cs MutexAuditRule.cs MutexSecurity.cs
+	  NativeObjectSecurity.cs ObjectAccessRule.cs ObjectAce.cs
+	  ObjectAuditRule.cs ObjectSecurity.cs QualifiedAce.cs
+	  RawAcl.cs RegistryAccessRule.cs RegistryAuditRule.cs
+	  RegistrySecurity.cs SystemAcl.cs :
+	  they are not still functional, but being implemented.
+
+2006-10-31  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* AccessRule.cs, AceEnumerator.cs, AuditRule.cs, 
+	AuthorizationRuleCollection.cs, AuthorizationRule.cs, CommonAcl.cs,
+	CommonObjectSecurity.cs, FileSystemSecurity.cs, GenericAce.cs,
+	KnownAce.cs, NativeObjectSecurity.cs, ObjectSecurity.cs, 
+	QualifiedAce.cs: Hide extraneous public empty .ctor.
+
+2006-10-30  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* PrivilegeNotHeldException.cs: Fix namespace.
+
+2006-07-06  Dick Porter  <dick@ximian.com>
+
+	* Completely stubbed the System.Security.AccessControl namespace
+	for the 2.0 profile.
+
+2005-12-23  Dick Porter  <dick@ximian.com>
+
+	* MutexRights.cs: New for 2.0 profile
+
+2005-12-17  Dick Porter  <dick@ximian.com>
+
+	* EventWaitHandleRights.cs: New for 2.0 profile
+
+	* MutexSecurity.cs: 
+	* EventWaitHandleSecurity.cs: 
+	* CommonObjectSecurity.cs: 
+	* NativeObjectSecurity.cs: 
+	* ObjectSecurity.cs: New partial stub for 2.0 profile
+
+2005-12-14  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* AccessControlSections.cs: New (2.0). Enum required for DirectoryInfo
+	* DirectorySecurity.cs: New (2.0). Partial stub for DirectoryInfo
+
+2005-04-22  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* AccessControlActions.cs: Removed [ComVisible] and [Serializable] to
+	match beta2.
+
+2005-01-10  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* CryptoKeySecurity.cs: Class declaration to complete CspParameters 
+	and CspKeyContainerInfo in System.Security.Cryptography.
+
+2004-07-08  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* AccessControlActions.cs: Fixed enum values. Added missing attributes.
+
+2004-07-07  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* AccessControlActions.cs: New enum in Fx 2.0. Required for new stuff
+	in System.Security.Permissions. Will also "creates" the namespace for
+	"corcompare".

mcs/class/corlib/System.Security.AccessControl/CommonAce.cs

@@ -0,0 +1,157 @@
+//
+// System.Security.AccessControl.CommonAce implementation
+//
+// Authors:
+//	Dick Porter  <dick@ximian.com>
+//	Atsushi Enomoto  <atsushi@ximian.com>
+//	Kenneth Bell
+//
+// Copyright (C) 2006-2007 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Globalization;
+using System.Security.Principal;
+
+namespace System.Security.AccessControl {
+	public sealed class CommonAce : QualifiedAce {
+		public CommonAce (AceFlags flags, AceQualifier qualifier,
+		                  int accessMask, SecurityIdentifier sid,
+		                  bool isCallback, byte[] opaque)
+			: base(ConvertType (qualifier, isCallback),
+			       flags,
+			       opaque)
+		{
+			AccessMask = accessMask;
+			SecurityIdentifier = sid;
+		}
+
+		internal CommonAce (AceType type, AceFlags flags, int accessMask,
+		                    SecurityIdentifier sid, byte[] opaque)
+			: base(type, flags, opaque)
+		{
+			AccessMask = accessMask;
+			SecurityIdentifier = sid;
+		}
+
+		internal CommonAce(byte[] binaryForm, int offset)
+			: base(binaryForm, offset)
+		{
+			int len = ReadUShort(binaryForm, offset + 2);
+			if (offset > binaryForm.Length - len)
+				throw new ArgumentException("Invalid ACE - truncated", "binaryForm");
+			if (len < 8 + SecurityIdentifier.MinBinaryLength)
+				throw new ArgumentException("Invalid ACE", "binaryForm");
+			
+			AccessMask = ReadInt(binaryForm, offset + 4);
+			SecurityIdentifier = new SecurityIdentifier(binaryForm,
+			                                            offset + 8);
+			
+			int opaqueLen = len - (8 + SecurityIdentifier.BinaryLength);
+			if (opaqueLen > 0) {
+				byte[] opaque = new byte[opaqueLen];
+				Array.Copy(binaryForm,
+				           offset + 8 + SecurityIdentifier.BinaryLength,
+				           opaque, 0, opaqueLen);
+				SetOpaque (opaque);
+			}
+		}
+
+		public override int BinaryLength {
+			get {
+				return 8 + SecurityIdentifier.BinaryLength
+					+ OpaqueLength;
+			}
+		}
+
+		public override void GetBinaryForm (byte[] binaryForm,
+		                                    int offset)
+		{
+			int len = BinaryLength;
+			binaryForm[offset] = (byte)this.AceType;
+			binaryForm[offset + 1] = (byte)this.AceFlags;
+			WriteUShort ((ushort)len, binaryForm, offset + 2);
+			WriteInt (AccessMask, binaryForm, offset + 4);
+			
+			SecurityIdentifier.GetBinaryForm (binaryForm,
+			                                  offset + 8);
+			
+			byte[] opaque = GetOpaque ();
+			if (opaque != null)
+				Array.Copy (opaque, 0, binaryForm,
+				            offset + 8 + SecurityIdentifier.BinaryLength,
+				            opaque.Length);
+		}
+
+		public static int MaxOpaqueLength (bool isCallback)
+		{
+			// Varies by platform?
+			return 65459;
+		}
+
+		internal override string GetSddlForm ()
+		{
+			if (OpaqueLength != 0)
+				throw new NotImplementedException (
+					"Unable to convert conditional ACEs to SDDL");
+			
+			return string.Format (CultureInfo.InvariantCulture,
+			                      "({0};{1};{2};;;{3})",
+			                      GetSddlAceType (AceType),
+			                      GetSddlAceFlags (AceFlags),
+			                      GetSddlAccessRights (AccessMask),
+			                      SecurityIdentifier.GetSddlForm ());
+		}
+
+		private static AceType ConvertType (AceQualifier qualifier,
+		                                    bool isCallback)
+		{
+			switch (qualifier) {
+			case AceQualifier.AccessAllowed:
+				if (isCallback)
+					return AceType.AccessAllowedCallback;
+				else
+					return AceType.AccessAllowed;
+				
+			case AceQualifier.AccessDenied:
+				if (isCallback)
+					return AceType.AccessDeniedCallback;
+				else
+					return AceType.AccessDenied;
+				
+			case AceQualifier.SystemAlarm:
+				if (isCallback)
+					return AceType.SystemAlarmCallback;
+				else
+					return AceType.SystemAlarm;
+				
+			case AceQualifier.SystemAudit:
+				if (isCallback)
+					return AceType.SystemAuditCallback;
+				else
+					return AceType.SystemAudit;
+				
+			default:
+				throw new ArgumentException ("Unrecognized ACE qualifier: " + qualifier, "qualifier");
+			}
+		}
+	}
+}

mcs/class/corlib/System.Security.AccessControl/CommonObjectSecurity.cs

@@ -0,0 +1,246 @@
+//
+// System.Security.AccessControl.CommonObjectSecurity implementation
+//
+// Authors:
+//	Dick Porter  <dick@ximian.com>
+//	Atsushi Enomoto  <atsushi@ximian.com>
+//	James Bellinger  <jfb@zer7.com>
+//
+// Copyright (C) 2005-2007 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2012      James Bellinger
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System.Collections.Generic;
+
+namespace System.Security.AccessControl
+{
+	public abstract class CommonObjectSecurity : ObjectSecurity
+	{
+		protected CommonObjectSecurity (bool isContainer)
+			: base (isContainer, false)
+		{
+		}
+		
+		internal CommonObjectSecurity (CommonSecurityDescriptor securityDescriptor)
+			: base (securityDescriptor)
+		{
+		}
+		
+		public AuthorizationRuleCollection GetAccessRules (bool includeExplicit, bool includeInherited, Type targetType)
+		{
+			return InternalGetAccessRules (includeExplicit, includeInherited, targetType);
+		}
+		
+		public AuthorizationRuleCollection GetAuditRules (bool includeExplicit, bool includeInherited, Type targetType)
+		{
+			return InternalGetAuditRules (includeExplicit, includeInherited, targetType);
+		}
+		
+		protected void AddAccessRule (AccessRule rule)
+		{
+			bool modified;
+			ModifyAccess (AccessControlModification.Add, rule, out modified);
+		}
+		
+		protected bool RemoveAccessRule (AccessRule rule)
+		{
+			bool modified;
+			return ModifyAccess (AccessControlModification.Remove, rule, out modified);
+		}
+		
+		protected void RemoveAccessRuleAll (AccessRule rule)
+		{
+			bool modified;
+			ModifyAccess (AccessControlModification.RemoveAll, rule, out modified);
+		}
+		
+		protected void RemoveAccessRuleSpecific (AccessRule rule)
+		{
+			bool modified;
+			ModifyAccess (AccessControlModification.RemoveSpecific, rule, out modified);
+		}
+		
+		protected void ResetAccessRule (AccessRule rule)
+		{
+			bool modified;
+			ModifyAccess (AccessControlModification.Reset, rule, out modified);
+		}
+		
+		protected void SetAccessRule (AccessRule rule)
+		{
+			bool modified;
+			ModifyAccess (AccessControlModification.Set, rule, out modified);
+		}		
+		
+		protected override bool ModifyAccess (AccessControlModification modification, AccessRule rule, out bool modified)
+		{		
+			if (null == rule)
+				throw new ArgumentNullException ("rule");
+				
+			modified = true;
+			
+			WriteLock ();
+			try {
+				switch (modification) {
+				case AccessControlModification.Add:
+					descriptor.DiscretionaryAcl.AddAccess (rule.AccessControlType,
+									       SidFromIR (rule.IdentityReference),
+									       rule.AccessMask,
+									       rule.InheritanceFlags,
+									       rule.PropagationFlags);
+					break;
+				case AccessControlModification.Set:
+					descriptor.DiscretionaryAcl.SetAccess (rule.AccessControlType,
+									       SidFromIR (rule.IdentityReference),
+									       rule.AccessMask,
+									       rule.InheritanceFlags,
+									       rule.PropagationFlags);
+					break;
+				case AccessControlModification.Reset:
+					PurgeAccessRules (rule.IdentityReference);
+					goto case AccessControlModification.Add;
+				case AccessControlModification.Remove:
+					modified = descriptor.DiscretionaryAcl.RemoveAccess (rule.AccessControlType,
+											     SidFromIR (rule.IdentityReference),
+											     rule.AccessMask,
+											     rule.InheritanceFlags,
+											     rule.PropagationFlags);
+					break;
+				case AccessControlModification.RemoveAll:
+					PurgeAccessRules (rule.IdentityReference);
+					break;
+				case AccessControlModification.RemoveSpecific:
+					descriptor.DiscretionaryAcl.RemoveAccessSpecific (rule.AccessControlType,
+											  SidFromIR (rule.IdentityReference),
+											  rule.AccessMask,
+											  rule.InheritanceFlags,
+											  rule.PropagationFlags);
+					break;
+				default:
+					throw new ArgumentOutOfRangeException ("modification");
+				}
+				
+				if (modified) AccessRulesModified = true;
+			} finally {
+				WriteUnlock ();
+			}
+			
+			return modified;
+		}
+		
+		protected void AddAuditRule (AuditRule rule)
+		{
+			bool modified;
+			ModifyAudit (AccessControlModification.Add, rule, out modified);
+		}
+		
+		protected bool RemoveAuditRule (AuditRule rule)
+		{
+			bool modified;
+			return ModifyAudit (AccessControlModification.Remove, rule, out modified);
+		}
+		
+		protected void RemoveAuditRuleAll (AuditRule rule)
+		{
+			bool modified;
+			ModifyAudit (AccessControlModification.RemoveAll, rule, out modified);
+		}
+		
+		protected void RemoveAuditRuleSpecific (AuditRule rule)
+		{
+			bool modified;
+			ModifyAudit (AccessControlModification.RemoveSpecific, rule, out modified);
+		}
+		
+		protected void SetAuditRule (AuditRule rule)
+		{
+			bool modified;
+			ModifyAudit (AccessControlModification.Set, rule, out modified);
+		}
+		
+		protected override bool ModifyAudit (AccessControlModification modification, AuditRule rule, out bool modified)
+		{
+			if (null == rule)
+				throw new ArgumentNullException ("rule");
+
+			modified = true;
+			
+			WriteLock ();
+			try {
+				switch (modification) {
+				case AccessControlModification.Add:
+					if (null == descriptor.SystemAcl)
+						descriptor.SystemAcl = new SystemAcl (IsContainer, IsDS, 1);
+					
+					descriptor.SystemAcl.AddAudit (rule.AuditFlags,
+								       SidFromIR (rule.IdentityReference),
+								       rule.AccessMask,
+								       rule.InheritanceFlags,
+								       rule.PropagationFlags);
+					break;
+				case AccessControlModification.Set:
+					if (null == descriptor.SystemAcl)
+						descriptor.SystemAcl = new SystemAcl (IsContainer, IsDS, 1);
+
+					descriptor.SystemAcl.SetAudit (rule.AuditFlags,
+								       SidFromIR (rule.IdentityReference),
+								       rule.AccessMask,
+								       rule.InheritanceFlags,
+								       rule.PropagationFlags);
+					break;
+				case AccessControlModification.Reset:
+					break;
+				case AccessControlModification.Remove:
+					if (null == descriptor.SystemAcl)
+						modified = false;
+					else
+						modified = descriptor.SystemAcl.RemoveAudit (rule.AuditFlags,
+											     SidFromIR (rule.IdentityReference),
+											     rule.AccessMask,
+											     rule.InheritanceFlags,
+											     rule.PropagationFlags);
+					break;
+				case AccessControlModification.RemoveAll:
+					PurgeAuditRules (rule.IdentityReference);
+					break;
+				case AccessControlModification.RemoveSpecific:
+					if (null != descriptor.SystemAcl)
+						descriptor.SystemAcl.RemoveAuditSpecific (rule.AuditFlags,
+											  SidFromIR (rule.IdentityReference),
+											  rule.AccessMask,
+											  rule.InheritanceFlags,
+											  rule.PropagationFlags);
+					break;
+				default:
+					throw new ArgumentOutOfRangeException ("modification");
+				}
+				
+				if (modified) AuditRulesModified = true;
+			} finally {
+				WriteUnlock ();
+			}
+			
+			return modified;
+		}
+	}
+}
+

mcs/class/corlib/System.Security.AccessControl/CommonSecurityDescriptor.cs

@@ -0,0 +1,234 @@
+//
+// System.Security.AccessControl.CommonSecurityDescriptor implementation
+//
+// Author:
+//	Dick Porter  <dick@ximian.com>
+//	James Bellinger  <jfb@zer7.com>
+//
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2012 James Bellinger
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+// 
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+// 
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
+
+using System;
+using System.Security.Principal;
+
+namespace System.Security.AccessControl
+{
+	public sealed class CommonSecurityDescriptor : GenericSecurityDescriptor
+	{
+		bool is_container;
+		bool is_ds;
+		ControlFlags flags;
+		SecurityIdentifier owner;
+		SecurityIdentifier group;
+		SystemAcl system_acl;
+		DiscretionaryAcl discretionary_acl;
+		
+		public CommonSecurityDescriptor (bool isContainer, bool isDS, RawSecurityDescriptor rawSecurityDescriptor)
+		{
+			Init (isContainer, isDS, rawSecurityDescriptor);
+		}
+		
+		public CommonSecurityDescriptor (bool isContainer, bool isDS, string sddlForm)
+		{
+			Init (isContainer, isDS, new RawSecurityDescriptor (sddlForm));
+		}
+		
+		public CommonSecurityDescriptor (bool isContainer, bool isDS, byte[] binaryForm, int offset)
+		{
+			Init (isContainer, isDS, new RawSecurityDescriptor (binaryForm, offset));
+		}
+		
+		public CommonSecurityDescriptor (bool isContainer, bool isDS,
+						 ControlFlags flags,
+						 SecurityIdentifier owner,
+						 SecurityIdentifier group,
+						 SystemAcl systemAcl,
+						 DiscretionaryAcl discretionaryAcl)
+		{
+			Init (isContainer, isDS, flags, owner, group, systemAcl, discretionaryAcl);
+		}
+		
+		void Init (bool isContainer, bool isDS, RawSecurityDescriptor rawSecurityDescriptor)
+		{
+			if (null == rawSecurityDescriptor)
+				throw new ArgumentNullException ("rawSecurityDescriptor");
+				
+			SystemAcl sacl = null;
+			if (null != rawSecurityDescriptor.SystemAcl)
+				sacl = new SystemAcl (isContainer, isDS, rawSecurityDescriptor.SystemAcl);
+				
+			DiscretionaryAcl dacl = null;
+			if (null != rawSecurityDescriptor.DiscretionaryAcl)
+				dacl = new DiscretionaryAcl (isContainer, isDS, rawSecurityDescriptor.DiscretionaryAcl);
+				
+			Init (isContainer, isDS,
+			      rawSecurityDescriptor.ControlFlags,
+			      rawSecurityDescriptor.Owner,
+			      rawSecurityDescriptor.Group,
+			      sacl, dacl);
+		}
+		
+		void Init (bool isContainer, bool isDS,
+			   ControlFlags flags,
+			   SecurityIdentifier owner,
+			   SecurityIdentifier group,
+			   SystemAcl systemAcl,
+			   DiscretionaryAcl discretionaryAcl)
+		{
+			this.flags = flags & ~ControlFlags.SystemAclPresent;
+			this.is_container = isContainer;
+			this.is_ds = isDS;
+			
+			Owner = owner;
+			Group = group;
+			SystemAcl = systemAcl;
+			DiscretionaryAcl = discretionaryAcl;
+		}
+		
+		public override ControlFlags ControlFlags {
+			get {
+				ControlFlags realFlags = flags;
+				
+				realFlags |= ControlFlags.DiscretionaryAclPresent;
+				realFlags |= ControlFlags.SelfRelative;
+				if (SystemAcl != null)
+					realFlags |= ControlFlags.SystemAclPresent;
+					
+				return realFlags;
+			}
+		}
+		
+		public DiscretionaryAcl DiscretionaryAcl {
+			get { return discretionary_acl; }
+			set {
+				if (value == null) {
+					value = new DiscretionaryAcl (IsContainer, IsDS, 1);
+					value.AddAccess (AccessControlType.Allow, new SecurityIdentifier ("WD"), -1,
+							IsContainer ? InheritanceFlags.ContainerInherit | InheritanceFlags.ObjectInherit
+								    : InheritanceFlags.None, PropagationFlags.None);
+					value.IsAefa = true;
+				}
+				
+				CheckAclConsistency (value);
+				discretionary_acl = value;
+			}
+		}
+		
+		internal override GenericAcl InternalDacl {
+			get { return DiscretionaryAcl; }
+		}
+		
+		public override SecurityIdentifier Group {
+			get { return  group; }
+			set { group = value; }
+		}
+
+		public bool IsContainer {
+			get { return is_container; }
+		}
+		
+		public bool IsDiscretionaryAclCanonical {
+			get { return DiscretionaryAcl.IsCanonical; }
+		}
+		
+		public bool IsDS {
+			get { return is_ds; }
+		}
+		
+		public bool IsSystemAclCanonical {
+			get { return SystemAcl == null || SystemAcl.IsCanonical; }
+		}
+		
+		public override SecurityIdentifier Owner {
+			get { return  owner; }
+			set { owner = value; }
+		}
+		
+		public SystemAcl SystemAcl {
+			get { return system_acl;  }
+			set {
+				if (value != null)
+					CheckAclConsistency (value);
+					
+				system_acl = value;
+			}
+		}
+		
+		internal override GenericAcl InternalSacl {
+			get { return SystemAcl; }
+		}
+
+		public void PurgeAccessControl (SecurityIdentifier sid)
+		{
+			DiscretionaryAcl.Purge (sid);
+		}
+		
+		public void PurgeAudit (SecurityIdentifier sid)
+		{
+			if (SystemAcl != null)
+				SystemAcl.Purge (sid);
+		}
+		
+		public void SetDiscretionaryAclProtection (bool isProtected,
+							   bool preserveInheritance)
+		{
+			DiscretionaryAcl.IsAefa = false;
+			
+			if (!isProtected) {
+				flags &= ~ControlFlags.DiscretionaryAclProtected;
+				return;
+			}
+			
+			flags |= ControlFlags.DiscretionaryAclProtected;
+			if (!preserveInheritance)
+				DiscretionaryAcl.RemoveInheritedAces ();
+		}
+		
+		public void SetSystemAclProtection (bool isProtected,
+						    bool preserveInheritance)
+		{
+			if (!isProtected) {
+				flags &= ~ControlFlags.SystemAclProtected;
+				return;
+			}
+			
+			flags |= ControlFlags.SystemAclProtected;
+			if (!preserveInheritance && SystemAcl != null)
+				SystemAcl.RemoveInheritedAces ();
+		}
+		
+		void CheckAclConsistency (CommonAcl acl)
+		{
+			if (IsContainer != acl.IsContainer)
+				throw new ArgumentException ("IsContainer must match between descriptor and ACL.");
+			
+			if (IsDS != acl.IsDS)
+				throw new ArgumentException ("IsDS must match between descriptor and ACL.");
+		}
+
+		internal override bool DaclIsUnmodifiedAefa {
+			get { return DiscretionaryAcl.IsAefa; }
+		}
+	}
+}
+