ASP.NET Trust level

In ASP.NET, administrators set, which in this case, we are, for each application a so-called Trust Level, specifying what the application’s code has the right to do and not do.

We run all ASP.NET 2.0 applications in the Medium trust with the following additions:

  • We allow OleDbPermission for accessing Access databases
  • We allow OdbcPermission for generic ODBC Access, and more specifically to allow MyODBC
  • We allow WebPermission order to be able to use external web services
  • We allow socket permission to open sockets for outgoing network connections
  • We have a version of Connector.Net installed as permitted. More information about this can be found here.
  • Outgoing e-mail must be sent through on port 25 with authentication.

In conclusion, the below is not allowed:

  • Access to the event log, registry and other things that are not relevant to the shared hosting
  • Reflection
  • Unmanaged code
  • The usage of Assemblies that do not allow callers with Partial trust
  • That you send email over SMTP using an external provider

Was this article helpful?

Related Articles