Robert Hurlbut Blog

Thoughts on Software Security, Software Architecture, Software Development, and Agility

ASP.NET 2.0 Partial Trust Web Sites

Monday, September 20, 2004

 .NET  ArchitecturePatterns  ASP.NET  Security 

Prompted by Dinis Cruz's question on my CLR Hosting in Whidbey/2.0 post, I checked whether it is now easier to create partial-trust ASP.NET web sites in 2.0.

By default, ASP.NET sites are built and run as "Full Trust" sites. This means a web application has full access to the machine's resources. That may be OK if you are hosting the site on your own server (I would still caution against running with "Full Trust" on your own server as well!), but what if you are hosting your web application on a shared server, such as at an ISP, alongside other companies and people you don't know who host their sites there as well? If each ASP.NET web site is running with Full Trust (and using the same Windows user), one web application could read the files in another application's folder, e.g. web.config!

In ASP.NET 1.0, you could only run your web applications with Full Trust. In ASP.NET 1.1, this was fixed slightly by allowing web applications to run in partial-trust mode. The standard trust levels are "Full", "High", "Medium", "Low", and "Minimal". The problem with 1.1, though, was that you had to set this trust level at the machine level, i.e. in machine.config. And, of course, that would affect the entire machine. If you reset the level at the top, many web applications that were running correctly would probably start throwing exceptions, as it does take some extra coding to get partial-trust sites to run correctly.

Update: Actually, as mentioned by Dinis, my results in ASP.NET 2.0 are very similar to what was already available in ASP.NET 1.1. You could set trust levels at web.config levels -- I was mistaken.

Tests still need to be done to determine if partial-trust assemblies are any more powerful in ASP.NET 2.0 than in ASP.NET 1.1, as one of the biggest problems with 1.1 was the lack of functionality in the "highest" partial trust application.
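
To illustrate the web.config-level trust setting mentioned in the update, the following configuration fragments are an added example, not part of the original post. The first is an application's own web.config; the second assumes a shared host that sets the level in the machine-level configuration and marks it `allowOverride="false"` so individual sites cannot raise it back to Full.

```xml
<!-- Added example: two separate files, shown together for comparison. -->

<!-- File 1: an application's own web.config.
     The site opts in to one of the standard levels
     (Full, High, Medium, Low, Minimal). With no <trust> element
     anywhere in the hierarchy, the application runs with Full trust. -->
<configuration>
  <system.web>
    <trust level="Medium" originUrl="" />
  </system.web>
</configuration>

<!-- File 2: machine-level configuration on a shared host
     (machine.config in 1.1; the root web.config in 2.0).
     The <location allowOverride="false"> wrapper locks the setting.
     Without it, any hosted site could put <trust level="Full" /> in
     its own web.config and regain full access to the machine,
     including other sites' folders. -->
<configuration>
  <location allowOverride="false">
    <system.web>
      <trust level="Medium" originUrl="" />
    </system.web>
  </location>
</configuration>
```

With the lock in place, a site-level `<trust>` element that tries to change the level produces a configuration error instead of silently taking effect.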
