How useful is partial trust configuration in ASP.NET environment? If I have my own server, which I fully administratively control, setting up partial trust is only useful in types of attacks which somehow manage to upload and execute malicious code, but are not able to touch web.config to raise the trust level. Are such attacks possible?
A:
Partial trust is there for hosting companies to use. If you have your own server you shouldn't worry about it and set it to full trust.
Mattias Jakobsson
2010-01-20 16:46:09
+2
A:
I've beat my head against the wall on this one for a few years. With medium trust you quickly find out many, many 3rd party controls you use can't cope with medium trust and you don't always have the source code. As soon as you hit one line of code that must run in full trust and must not be put in the GAC--in my cases there were licensing restrictions on making the components sharable in the GAC--, you're back to full trust.
My advice:
- Wait for .NET 4.0. The CAS model has simplified.
- Fire up an appdomain per request and set the CAS permissions list at that point. You only get one CAS policy for the whole appdomain. Watch performance and scalability disappear when you fire up an app-domain per request, learn that inter-app domain communication is often painful, etc.
To date, the only reason I can think that someone must use medium trust is if: discount hosting, your organization demands it (because it's on a check list), because you're allowing users to upload dlls on purpose (say if you were running a online decompilation service or a programming contest to let users submit the fastest dll).
MatthewMartin
2010-01-20 16:56:47