What is Medium Trust in Asp.net? When should we use Medium Trust in Asp.net?
NET Trust levels in IIS. In Internet Information Systems (IIS), an application's Trust level determines the permissions that are granted to it by . NET code access security (CAS) policy. By default, IIS is configured with Full trust, meaning that unrestricted permissions are granted to applications.
Full trust is the default, allows ASP.NET applications to execute native code, to read from the Registry and Windows Event Log, and to read and write to files outside of the application's virtual directory. In short, with full trust one web application could delete the entire contents of another web application.
High (web_hightrust. config) - Specifies a high level of code access security, which means that the application cannot do any one of the following things by default: Call unmanaged code. Call serviced components.
Trust levels are associated with policy files using the <securityPolicy> configuration element, which is valid only in a site-level configuration (Web. config) file. You can add or remove trust levels by adding entries to the configuration section that specify the trust level name and the policy file to be used.
The most concise description I've seen is here:
- Full trust - your code can do anything that the account running it can do.
- High trust - same as above except your code cannot call into unmanaged code. i.e. Win32 APIs, COM interop.
- Medium trust - same as above except your code cannot see any part of the file system except its application directory.
- Low trust - same as above except your code cannot make any out-of-process calls. i.e. calls to a database, network, etc.
- Minimal trust - code is restricted from anything but the most trival processing (calculating algorithms).
Those are the big differences, were you interested in the minor details as well? The trust levels overall refer to what the code is allowed to do.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With