tags:

views:

233

answers:

1
Q: 

Giving full trust to a site in a medium trust host

I have admin access to a Windows 2003 server. The trust level is set to medium trust with allowOverride=false.

I was wondering if there's a way to add an exception in the configuration files so that one site can run in full trust. By using the location tag?

What if the AppPool has an identity in the admin group or the medium trust trumps that?

For PremissonSet and IPermission, can these be used to set custom permissions for a certain site only or are they server wide settings only? I don't other sites to inherit these permissions.

+1  A: 

I'm sorry, but this is a terrible idea. If you have code that you must do in full trust, then write a service which does just that function, and have your (non-full-trust) web application query the service. The idea of putting a full trust web application up on the Internet (or even the intranet) is, frankly, frightening. Better, of course, would be to remove the full trust requirement, if possible, but of course you can't always do that.

Craig Stuntz  2009-02-06 13:06:47
The site could be using third party components which need full trust. I don't have control over them. Maybe a solution is to write a wrapper around them but I haven't try it and know it works.It's an issue only if you don't trust your own site's security. I wonder how some hosters run full trust.
Abdu  2009-02-06 19:35:36

related questions

Apache and IIS side by side (both listening to port 80) on windows2003
Web Access to Virtual Machine
Winsock - 10038 Error - Win2K3 Server - baffling behaviour
How to hide complete volume?
Using both 1.1 and 2.0 frameworks on Windows 2003 x64
Windows Server 2003 - Share current Desktop via RDP like in Windows XP?
How can I kill a process, using VBScript, started by a particular user.
Can you have more than one ASP.NET State Server Service in a cluster?
Do I need a Windows CAL for each client when they will only access an Oracle database on the server?
Switching state server to another machine in cluster
How do you tell IIS 6 to set the .NET version to 2.0 (not 1.1) When New sites are created?
How do I stop network flooding using Windows 2003 Network Load balancing?
MS Server 2003 vs MS Server 2008
Does Windows Server 2003 SP2 tell the truth about Free System Page Table Entries?
How to Prevent the "Please tell Microsoft about this problem" Dialog Boxes
Delayed Write Failed on Windows 2003 Clustered Fileshare
How do I cluster an upload folder with ASP.Net?
How do I secure a folder used to let users upload files?
I'm looking for a Windows hosting provider that supports custom os images (like AMZN EC2)
Error installing iKernel.exe
how to allow files starting with period and no extension in windows 2003 server?
How can I prevent a server from becoming locked after a Remote Desktop session
Default Internet connection on Dual LAN Workstation
Printers not available unless shared.
Client collation and SQL Server 2005