Setting the .NET Trust Level for your Application

Trust Levels

Microsoft .NET applications can run in any of the following trust levels:

• Full trust - your code can do anything that the account running it can do.

• High trust - same as ‘Full trust’ except your code cannot call into unmanaged code, such as Win32 APIs and COM interop.

• Medium trust - same as ‘High trust’ except your code cannot see any part of the file system except its own application directory.

• Low trust - same as ‘Medium trust’ except your code cannot make any out-of-process calls, such as calls to a database, network, etc.

• Minimal trust - code is restricted from anything but the most trivial processing (calculating algorithms).

Medium trust restrictions

Many application hosting service providers run applications in the ‘Medium trust’ level.  The main constraints placed on Medium trust Web applications are:

• OleDbPermission is not available. This means you cannot use the ADO.NET managed OLE DB data provider to access databases.  However, you can use the managed SQL Server provider to access SQL Server databases.

• EventLogPermission is not available.  This means you cannot access the Windows event log.

• ReflectionPermission is not available.  This means you cannot use reflection.

• RegistryPermission is not available.  This means you cannot access the registry.

• WebPermission is restricted.  This means your application can only communicate with an address or range of addresses that you define in the <trust> element.

• FileIOPermission is restricted. This means you can only access files in your application's virtual directory hierarchy. Your application is granted Read, Write, Append, and PathDiscovery permissions for your application's virtual directory hierarchy.

You are also prevented from calling unmanaged code or from using Enterprise Services.

Setting the trust level for your Iron Speed Designer-generated application

Because of these Medium trust restrictions, Iron Speed Designer applications require High (or Full) Trust level.  Iron Speed Designer-generated applications specifically require the ReflectionPermission to call database code and to access the RESX files of the application.  Please note that if you are using Microsoft Access, you also need read and write access to the file system to be able to read and save data.  The Microsoft Access database must also be resident in the application folder.

Additional Reading

http://msdn2.microsoft.com/en-us/library/ms998341.aspx

See Also

Deploying Applications to a Production Server

Example: Deploying to DiscountASP.NET

Disabling Event Viewer Logging

Individual Hosting Provider Notes

Setting the .NET Trust Level for your Application