What are the permissions at the various trust levels?

From Guidance Share

Jump to: navigation, search

J.D. Meier, Prashant Bansode, Alex Mackman


The key capabilities and restrictions for each trust level are summarized in the following table.

Trust Level Key Capabilities and Restrictions
Full This is the default trust level. No restrictions are imposed by code access security.
High No unmanaged code. No enterprise services. Can access SQL Server and other OLE DB data sources. Very limited reflection permissions. No ability to invoke code by using reflection. A broad set of other framework features are available. Applications have full access to the file system, and to sockets.
Medium Permissions are limited to what the application can access within the directory structure of the application. No file access is permitted outside of the application's virtual directory hierarchy. Can access SQL Server. Can use OLEDB data sources only OledbPermission is required. Can send e-mail by using SMTP servers. Limited rights to certain common environment variables. No reflection permissions whatsoever. No sockets permission. To access Web resources, you must explicitly add endpoint URLs — either in the originUrl attribute of the <trust> element or inside the policy file.
Low Intended to model the concept of a read-only application with no network connectivity. Read only access for file I/O within the application's virtual directory structure.
Minimal Execute only. No ability to change the IPrincipal on a thread or on the HttpContext.

More Information

For more information on code access security, see “How To: Use Code Access Security in ASP.Net 2.0” at http://msdn.microsoft.com/library/en-us/dnpag2/html/PAGHT000017.asp

Personal tools