How to confirm a web site is running in full trust

2019-07-22 17:34发布

I gave a site full trust however I am still getting some security exceptions.

How can I confirm a website has full trust?

标签： asp.net web-services security

3条回答

2楼-- · 2019-07-22 17:52

You can use the SecurityManager.IsGranted to check for a particular grant set. For example, this will test for full trust ...

var perm  = new FileIOPermission(PermissionState.Unrestricted);
var fullTrust = SecurityManager.IsGranted(perm);

0人赞添加讨论(0) 举报

3楼-- · 2019-07-22 17:57

In your web.config file...

<system.web>
      <trust level="Full"/>
      . . ..
</system>

Full Trust Your application can do anything permitted within the process (i.e. logged-in account) can do. If you are running under ASP.NET 2.0, your application typically runs in the ASPNET account. Therefore, if you limit the permissions of the ASPNET account, you can modify what Full Trust can or cannot do.
High Trust The same as Full Trust except your application cannot call into unmanaged code.
Medium Trust The same as High Trust, except the application cannot see the filesystem other than its own application directory.
Low Trust Further restricts the process so that it cannot make out-of-process calls.
Minimal Trust Basically useless. Perhaps you can write a program to compute PI to the 3000th decimal…

0人赞添加讨论(0) 举报

4楼-- · 2019-07-22 18:13

The new way to check is this:

AppDomain.CurrentDomain.PermissionSet.IsUnrestricted()

0人赞添加讨论(0) 举报