I've heard a lot about trust levels and have had people try to explain them to me, but I am still unable to give a scenario in which I would apply one trust level over another.
I've read through MSDN's article but it didn't do much for me.
Can someone provide a real world example of when you would want to use the various levels (Full, High, Medium, Low, and Minimal) and explain what kind of security risk I would be exposing myself to if I were to use the wrong one?
This article might explain it a lot better than the technical one you were reading.
Here's the best part of it:
Medium Trust Summary
The main constraints placed on medium trust Web applications are:
OleDbPermission is not available. This means you cannot use the ADO.NET managed OLE DB data provider to access databases. However, you can use the managed SQL Server provider to access SQL Server databases.
EventLogPermission is not available. This means you cannot access the Windows event log.
ReflectionPermission is not available. This means you cannot use reflection.
RegistryPermission is not available. This means you cannot access the registry.
WebPermission is restricted. This means your application can only communicate with an address or range of addresses that you define in the element.
FileIOPermission is restricted. This means you can only access files in your application's virtual directory hierarchy. Your application is granted Read, Write, Append, and PathDiscovery permissions for your application's virtual directory hierarchy.
You are also prevented from calling unmanaged code or from using Enterprise Services.
An easy real-world situation to imagine where you need this is if you are an ISP offering hosting to people. Allowing anyone to write code that can access the filesystem means that anyone could do anything they want on your server, which might be hosting multiple clients.
While not an expert, I would say one of the more common examples of trust is if you bought hosting through a shared hoster through some vendor for $10 a month, where you don't have direct access to the machine, but get an allotted storage space. In this scenario, you typically get medium trust because the hoster wants to limit what you can do (make sure you can't delete or modify something you're not supposed to), and you don't have access to certain resources (like trying to read a file outside of the folder you have permission to) and other tasks.
We have full access to our machine where we host a site, and we give it full trust; it isn't a concern for us since it's dedicated to our web site and not a shared resource.
The problem with Trust levels is that so many plugins require elevated permissions that certain types of applications simply won't work under it.
I've personally seen Crystal Reports and an HTML to PDF conversion tool fail under Medium Trust - FileIOPermission is required to the Temp folder outside of your application's virtual directory. I've also seen issues with TCP Socket connections blocked because of certain Trust levels.
I actually had a rather annoying catch-22 situation with a web application last year where Medium Trust was required for security, but so was writing to the Event Log!
Fortunately you can overwrite Trust levels in your machine.config on the server (if you have access to it), or your web.config if your server is configured to allow it to overwrite the machine.config file.
Doing that sort of defeats the purpose of fixed Trust levels though...
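The override discussed in the last answer, and the lock that a shared host uses to prevent it, as an added configuration example that is not part of any of the posts. It assumes the default policy file names shipped with the framework; `www.example.com` is a placeholder, and the server-level file is machine.config or, on .NET 2.0 and later, the root web.config in the framework's CONFIG directory.

```xml
<!-- Server-level configuration, weak setting for a shared host:
     applications run with Full trust and may change their own level. -->
<location allowOverride="true">
  <system.web>
    <trust level="Full" originUrl="" />
  </system.web>
</location>

<!-- Server-level configuration, corrected for a shared host:
     every application is pinned to Medium trust and the section is locked. -->
<location allowOverride="false">
  <system.web>
    <securityPolicy>
      <trustLevel name="Full"    policyFile="internal" />
      <trustLevel name="High"    policyFile="web_hightrust.config" />
      <trustLevel name="Medium"  policyFile="web_mediumtrust.config" />
      <trustLevel name="Low"     policyFile="web_lowtrust.config" />
      <trustLevel name="Minimal" policyFile="web_minimaltrust.config" />
    </securityPolicy>
    <!-- originUrl feeds the restricted WebPermission: outbound HTTP is
         allowed only to addresses matching this value (placeholder host). -->
    <trust level="Medium" originUrl="http://www.example.com/.*" />
  </system.web>
</location>

<!-- Application web.config: the override a tenant might attempt.
     With allowOverride="false" above, ASP.NET rejects this section with a
     configuration error instead of granting Full trust. -->
<configuration>
  <system.web>
    <trust level="Full" />
  </system.web>
</configuration>
```

When one application legitimately needs a single extra permission, such as the event log case above, an administrator can register an additional `trustLevel` entry that points at a copy of the Medium policy file with that permission added, rather than unlocking the section for every tenant.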