Understanding Code Access Security

Another new security feature in ASP.NET is code access security. A full discussion of code access security is beyond the scope of this book, but here’s an overview.

Code access security is Microsoft’s answer to the challenge of preventing untrusted code from performing actions on your system that might result in the damage or compromise of data. It allows ASP.NET developers and/or server administrators to specify the level of trust a given application should have, using the <securityPolicy> and <trust> elements in Web.config. (See Appendix B for more information on these elements.) ASP.NET comes preconfigured with a set of code access security templates that are mapped to trust levels in machine.config. Depending on the level of trust specified in the <trust> element, the proper set of code access security permissions are applied to the application. This can include such permissions as whether the application can read from parts of the file system outside its Web space, can write to its file space, is restricted to read-only, or is allowed only to execute.

Like the <location> element that allows the lockdown of configuration settings at a machine level, code access security and the templates used to apply its permissions are ideal in shared server environments in which you want to allow users to create their own ASP.NET applications, but want to be able to choose which actions can be taken by code written by different users.