What Do Trust Levels Mean?


What Is Trust Level



Trust levels allow you to set the security rules of your site. They dictate to the operations an application can carry out like reading a disk, changing file permission, accessing registry and customizing system files among others.There are different trust levels, and each has a policy file associated with the exception of the Full trust. The user sets how the trust levels manage access to different aspects. You may decide to restrict access to different resources and operations that you feel are not secure. You set the <trust> feature a given trust level. The levels include full, high, medium, Low and minimal trust levels.


Full Trust Level

Applications with full trust are affected only by the security settings of the operating system. Applications with a full trust level, do have full access with every resource types on a server and important operations. Applications security settings of the operating system are only affected. Full trust applications will only able to execute arbitrary code which is native in the applications of their running. Most users consider this as vulnerable to malicious codes and lack of policy file. However, most people feel that this comes with risks of accessing malicious codes, and its lack of a policy file makes most users avoid it.

 

High Trust Level

This level of trust mostly utilizes .NET Framework approvals and partial trust support. High trust level is widely used for trusted applications and which we can assign fewer rights to reduce the risk-taking measure. This trust level is same as in terms of access of the application as in full trust level. The only difference is that it restricts COM Interop and unmanaged code.

 

Medium Trust Level

Medium trust applications do have the permission to read and write on the files related to them. Also communication with Microsoft SQL Server is also granted. Restriction for accessing Open Database Connectivity (ODBC) or OLE DB (Object Linking and Embedding, Database) do persists. This trust levels are usually assigned in shared servers where it needs communication to SQL server files and maintains root structure of the application.

 

Low Trust Level

Low trust level allows read to it’s application, but denies the communication to the database and or to the network. This permits the application to access their applications and isolate access to external resources mainly system resource.

 

Minimal Trust Level

Minimal trust application code provides permission for the execution of resourcing, but blocks the interaction with the resources. This is most suitable for hosting companies with large number of websites.

In order to choose trust level a user must know what is trust level and how do they affect the websites.

 

How Does Trust Levels Affect your Website and your Hosting

Full, High and Medium Trust Levels

Full trust level codes provide full access to the applications offered by the web hosting provider to the user. Each hosting account uses these codes thereby resources utilization occurs without considering the security aspects of the operating system.  With the help of this setting users gets the permission for read and write files out of the virtual directory where at the same time they can do native coding. If you have a full trust level hosting package, then understand that you can use many hosting features without restrictions.

 

Low and Minimal Trust Levels

This level of trust applications does have a read only operation of the code in its application. The access to the resources or networks re denied to the user. Right for the execution of code is available in minimal trust levels.

 

How Trust Level Affects a Site

The restriction of access to a few files on high trust level is the noted point on websites. This gives a less amount of risk for the websites from attacks. In medium ASP.NET level, user’s rights are increased a bit more.  Only read and write permissions will be given to the user for the codes in the applications. Which is mainly used in shared hosting.

The trust level effects on the websites and the webhosting is mostly designed by the webhosting and the model in which how they pool the applications. Each trust level works individually and may not be suited for different website from different host.



What trust level does 1-grid use? Medium Trust Level