Configuring Code Access Security in ASP.NET
By default, Web applications run with full trust and have unrestricted permissions. To modify code access security trust levels in ASP.NET, you have to set a switch in Machine.config or Web.config and configure the application as a partial-trust application.
Configuring Trust Levels
The <trust> element in Machine.config controls whether or not code access security is enabled for a Web application. Open Machine.config, search for "<trust>", and you will see the following.
<system.web> <!-- level="[FullHighMediumLowMinimal]" --> <trust level="Full" originUrl=""/></system.web>
With the trust level set to "Full," code access security is effectively disabled because permission demands do not stand in the way of resource access attempts. This is the only option for ASP.NET Web applications built on .NET Framework version 1.0. As you go through the list from "Full" to "Minimal," each level takes away more permissions, which further restricts your application's ability to access secured resources and perform privileged operations. Each level gives greater degrees of application isolation. Table 9.1 shows the predefined trust levels and indicates the major restrictions in comparison to the previous level.
| ASP.NET Trust Level | Main Restrictions |
|---|---|
| Full | Unrestricted permissions. Applications can access any resource that is subject to operating system security. All privileged operations are supported. |
| High | Not able to call unmanaged code |
| Not able to call serviced components | |
| Not able to write to the event log | |
| Not able to access Microsoft Message Queuing queues | |
| Not able to access OLE DB data sources | |
| Medium | In addition to the above, file access is restricted to the current application directory and registry access is not permitted. |
| Low | In addition to the above, the application is not able to connect to SQL Server and code cannot call CodeAccessPermission.Assert (no assertion security permission). |
| Minimal | Only the execute permission is available. |
Locking the Trust Level
If a Web server administrator wants to use code access security to ensure application isolation and restrict access to system level resources, the administrator must be able to define security policy at the machine level and prevent individual applications from overriding it.
Application service providers or anyone responsible for running multiple Web applications on the same server should lock the trust level for all Web applications. To do this, enclose the <trust> element in Machine.config within a <location> tag, and set the allowOverride attribute to false , as shown in the following example.
<location allowOverride="false"> <system.web> <!-- level="[FullHighMediumLowMinimal]" --> <trust level="Medium" originUrl=""/> </system.web> </location>
You can also use a path attribute on the <location> element to apply a configuration to a specific site or Web application that cannot be overridden. For more information about the <location> element, see Chapter 19, "Securing Your ASP.NET Application and Web Services."
EAN: 2147483647
Pages: 613