Trust Levels
If you plan to migrate an existing application to a partial-trust level, a good approach is to reduce permissions incrementally so that you can see what parts of your application break. For example, start by setting the trust level attribute to High, then Medium, and so on. Ultimately, the trust level you should target depends on the degree of restriction you want to place on the application. Use the following as guidance:
-
Applications configured for high, medium, low, or minimal trust will be unable to call unmanaged code or serviced components , write to the event log, access Message Queuing queues, or access OLE DB data sources.
-
Applications configured for high trust have unrestricted access to the file system.
-
Applications configured for medium trust have restricted file system access. They can only access files in their own application directory hierarchy.
-
Applications configured for low or minimal trust cannot access SQL Server databases.
-
Minimal trust applications cannot access any resources.
Table 9.3 identifies the permissions that each ASP.NET trust level grants. The full level is omitted from the table because it grants all of the permissions in their unrestricted state.
| Permission and State | High | Medium | Low | Minimal |
|---|---|---|---|---|
| AspNetHosting Level |
High |
Medium |
Low |
Minimal |
| DnsPermission Unrestricted |
ˆ |
ˆ |
|
|
| EnvironmentPermission Unrestricted Read Write |
ˆ | TEMP; TMP; USERNAME; OS; COMPUTERNAME | ||
| EventLogPermission | ||||
| FileIOPermission Unrestricted Read Write Append PathDiscovery |
ˆ |
$AppDir$ $AppDir$ $AppDir$ $AppDir$ |
$AppDir$
$AppDir$ | |
| IsolatedStorageFilePermission Unrestricted AssemblyIsolationByUser- Unrestricted UserQuota |
ˆ |
ˆ ˆ |
ˆ 1MB(can vary with site) | |
| OleDbClientPermission Unrestricted | ||||
| PrintingPermission Unrestricted DefaultPrinting |
ˆ |
ˆ | ||
| ReflectionPermission Unrestricted ReflectionEmit |
ˆ |
| ||
| RegistryPermission Unrestricted |
ˆ | |||
| SecurityPermission Unrestricted Assertion Execution ControlThread ControlPrinicipal RemotingConfiguration |
ˆ ˆ ˆ ˆ ˆ |
ˆ ˆ ˆ ˆ ˆ |
ˆ |
ˆ |
| SocketPermission Unrestricted |
ˆ |
ˆ | ||
| SqlClientPermission Unrestricted |
ˆ |
ˆ | ||
| WebPermission Unrestricted |
ˆ |
$OriginHost$ |
EAN: 2147483647
Pages: 613
- Chapter III Two Models of Online Patronage: Why Do Consumers Shop on the Internet?
- Chapter VII Objective and Perceived Complexity and Their Impacts on Internet Communication
- Chapter VIII Personalization Systems and Their Deployment as Web Site Interface Design Decisions
- Chapter XV Customer Trust in Online Commerce
- Chapter XVI Turning Web Surfers into Loyal Customers: Cognitive Lock-In Through Interface Design and Web Site Usability