views:

197

answers:

1

I am trying to determine how suicidal this is...

I have a hosting environment where a custom ASP.Net CMS application needs to access the files in the root folder of a website even though it is in a virtual folder so it can be shared accross many sites. I can modify the Medium trust on the server and came up with this...

<IPermission class="FileIOPermission" version="1"
Read="$AppDir$;$AppDir$\.."
Write="$AppDir$;$AppDir$\.."
Append="$AppDir$;$AppDir$\.."
PathDiscovery="$AppDir$;$AppDir$\.."/>

Oddly enough, it works. Yes, I understand it is doing this for all the Apps.

I am a bit at a loss as to easy ways to test what else is being exposed. Feels dangerous. Opinions?

A: 

Just a guess, but could you setup a virtual directory inside each of your websites, that points to the directory (your root directory) you want to share?

Alex Key