Web Hosting Resource

For .NET 1.1, 2.0, 3.5

Trust levels are basically different sets of security configurations depending upon the circumstance.

You have:

• Full - You can do whatever you want, format the HDD, shut-down the server.
• High - Same as Full but you can’t call unmanaged code.
• Medium - Recommended by Microsoft for shared hosting environments (and all sane sysadmins).
• Low - Same as medium but you can’t do any DB, Network or other calls.
• Minimal - Unless we just wanted to calculated things, we can forget this trust level.

What we actually run is a custom trust level… By this we mean the standard Microsoft Medium trust with a few relaxations and few more restrictive items for ‘proper’ shared hosting security, such as:

• Allowing of OleDbPermission.
• Allowing of OdbcPermission.
• Less restrictive WebPermission.
• Reflection but no ReflectionPermission (so you can still use reflection for code you have permission to access).

Using a Medium trust level prevents applications from accessing shared system resources and eliminates the potential for inta application interference.

Offsite links:

• Microsoft - Using Medium Trust
• Microsoft - When is reflection permission needed?

This entry was posted on Monday, June 23rd, 2008 at 11:32 pm and is filed under FAQs, Windows, ASP & .NET. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.