Blog moved to www.jeffreypalermo.com
The good news is that most of the web applications I write work just
fine in medium trust, so it's very easy to run your ASP.NET app in
partial trust. All it takes is a change to your web.config.
<system.web>
<trust level="Full"/>
. . ..
</system.web>
ASP.NET runs at Full trust by default (trust levels didn't exist in
v1.0). Change the level attribute above to a different setting to
change the permissions of your ASP.NET code. You can change your
trust level, and here's the rundown of what each one means:
- Full trust - your code can do anything that the account running it can do.
- High trust - same as above except your code cannot call into unmanaged code. i.e. Win32 APIs, COM interop.
- Medium trust - same as above except your code cannot see any part of the file system except its application directory.
- Low trust - same as above except your code cannot make any out-of-process calls. i.e. calls to a database, network, etc.
- Minimal trust - code is restricted from anything but the most trival processing (calculating algorithms).
The above lines are the most significant differences that would lead
you to choose a particular trust level. Read more about
trust leves and code-access security from MSDN.
About Jeffrey Palermo
Jeffrey Palermo is a software management consultant and the CTO of Headspring Systems in Austin, TX. Jeffrey specializes in Agile coaching and helps companies double the productivity of software teams. Jeffrey is an MCSD.Net , Microsoft MVP, Certified Scrummaster, Austin .Net User Group leader, AgileAustin board member, INETA speaker, INETA Membership Mentor, Christian, husband, father, motorcyclist, Eagle Scout, U.S. Army Veteran, and Texas A&M University graduate.
