Machine level code access security policy is determined by settings in the Security.config file located in the following directory: %windir%\Microsoft.NET\Framework\{version}\CONFIG
Run the following command to be sure that code access security is enabled on your server:
caspol -s On
For more information about configuring code access security for ASP.NET Web applications, see Chapter 9, "Using Code Access Security with ASP.NET."
During this step, you:
Remove all permissions for the local intranet zone .
Remove all permissions for the Internet zone .
The local intranet zone applies permissions to code running from UNC shares or internal Web sites. Reconfigure this zone to grant no permissions by associating it with the Nothing permission set.
Task To remove all permissions for the local intranet zone
Start the Microsoft .NET Framework version 1.1 Configuration tool from the Administrative Tools program group .
Expand Runtime Security Policy , expand Machine , and then expand Code Groups .
Expand All_Code and then select LocalIntranet_Zone .
Click Edit Code Group Properties .
Click the Permission Set tab.
Select Nothing from the drop-down Permission list.
Click OK .
The dialog box shown in Figure 16.6 is displayed.
Figure 16.6: Setting LocalIntranet_Zone code permissions to Nothing
The Internet zone applies code access permissions to code downloaded over the Internet. On Web servers, this zone should be reconfigured to grant no permissions by associating it with the Nothing permission set.
Repeat the steps shown in the preceding section, "Remove All Permissions for the Local Intranet Zone," except set the Internet_Zone to the Nothing permission set.