Best IT Recipes

How do I confirm that a website is operating in complete trust?

I gave the site full trust, but I still get some security exceptions.

How can I confirm that the site has full trust?

+2
security web-services
Jul 07 '09 at 5:26
source share
3 answers

You can use SecurityManager.IsGranted to test a specific set of grants. For example, this will be checked for full trust ...

var perm = new FileIOPermission(PermissionState.Unrestricted); var fullTrust = SecurityManager.IsGranted(perm);
+2
Jul 07 '09 at 5:34
source share

In the web.config file ...

 <system.web> <trust level="Full"/> . . .. </system>
  • Full trust . Your application can do everything that is allowed in the process (for example, a registered account). If you are running ASP.NET 2.0, your application usually runs under an ASPNET account. Therefore, if you restrict access rights to an ASPNET account, you can change what Full Trust can or cannot do.
  • High level of trust Same as Full Trust, except that your application cannot invoke unmanaged code.
  • Medium trust Same as high trust, except that the application cannot see the file system other than its own application directory.
  • Low level of trust . It further restricts the process so that it cannot make calls outside the process.
  • Minimum Trust In principle, it is useless. Perhaps you can write a program to calculate PI up to the 3000th decimal number ...

Source

+1
Jul 07 '09 at 13:00
source share

A new way to test this:

 AppDomain.CurrentDomain.PermissionSet.IsUnrestricted()
0
Sep 17 '15 at 11:55
source share


More articles:


All Articles