SYSK 188: Understanding AspNetHostingPermission…


If you’ve ever seen an “insufficient trust for…” type of error message, this blog post may be interesting to you…


 


AspNetHostingPermissionAttribute is a CodeAccessSecurityAttribute that controls access permissions in ASP.NET hosted environments. For example, all public types in the System.Web and System.Web.Mobile namespaces are protected with demands for the Minimal level of this permission. This risk mitigation strategy is designed to ensure that Web application code cannot be used in other partial-trust environments without specific policy configuration by an administrator.


 


High — indicates that features protected with a demand for any level less than or equal to the High trust level will succeed. This level is intended for highly trusted managed-code applications that need to use most of the managed permissions that support semi-trusted access. It does not grant some of the highest permissions (for example, the ability to call into native code), but it does provide a way to run trusted applications with least privilege or to provide some level of constraints for highly trusted applications. This level is granted by configuring at least the High trust level in the trust section in a configuration file. 


 


For example,



  • HttpApplication.Modules

  • HttpException.Results

  • HttpException.SourceCode

  • HttpRuntime.AppDomainAppId

  • HttpRuntime.AppDomainId

  • ProcessModelInfo.GetCurrentProcessInfo

  • ProcessModelInfo.GetHistory

are examples of methods protected with


[AspNetHostingPermission(SecurityAction.Demand, Level=AspNetHostingPermissionLevel.High)]


 


Low — indicates that features protected with a demand for any level less than or equal to the Low level will succeed. This level is intended to allow read-only access to limited resources in a constrained environment. This level is granted by specifying the Low trust level in the trust section in a configuration file. 


 


For example,



  • HttpWebRequest.Params

  • HttpWebRequest.ServerVariables

  • HttpRuntime.IsOnUNCShare

are examples of methods protected with


[AspNetHostingPermission(SecurityAction.Demand, Level=AspNetHostingPermissionLevel.Low)]


 


Medium — indicates that features protected with a demand for any level less than or equal to the Medium level will succeed. This level is granted by configuring at least the Medium trust level in the trust section in a configuration file. 


 


For example,



  • HttpRequest.LogonUserIdentity

  • HttpResponse.AppendToLog

  • HttpRuntime.ProcessRequest

are examples of methods protected with


AspNetHostingPermissionLevel.Medium


 


In addition, some methods may alter the execution path based on the hosting permission level.  The following pseudo-code demonstrates the logic of outputting error info:


 


// Write error info, excluding sensitive info like call stack

if (HttpRuntime.HasAspNetHostingPermission(AspNetHostingPermissionLevel.Medium))
{
    // dump call stack
}
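An added example (not part of the original post or of the ASP.NET framework source) of how application code can make the same decision using only the public AspNetHostingPermission type: it demands each level from highest to lowest and reports the first demand that succeeds. The names HostingTrust, GetCurrentLevel and DescribeError are hypothetical, and the code assumes a .NET Framework project that references System.Web.

```csharp
using System;
using System.Security;
using System.Web;

public static class HostingTrust
{
    // Ordered from most to least privileged; None is the fall-through result.
    private static readonly AspNetHostingPermissionLevel[] Levels =
    {
        AspNetHostingPermissionLevel.Unrestricted,
        AspNetHostingPermissionLevel.High,
        AspNetHostingPermissionLevel.Medium,
        AspNetHostingPermissionLevel.Low,
        AspNetHostingPermissionLevel.Minimal
    };

    // Returns the highest level whose demand succeeds for the current call stack.
    public static AspNetHostingPermissionLevel GetCurrentLevel()
    {
        foreach (AspNetHostingPermissionLevel level in Levels)
        {
            try
            {
                new AspNetHostingPermission(level).Demand();
                return level;
            }
            catch (SecurityException)
            {
                // Demand failed: this level is not granted, try the next lower one.
            }
        }
        return AspNetHostingPermissionLevel.None;
    }

    // Mirrors the error-output logic above: stack trace only at Medium or higher.
    public static string DescribeError(Exception ex)
    {
        string text = ex.GetType().Name + ": " + ex.Message;
        if (GetCurrentLevel() >= AspNetHostingPermissionLevel.Medium)
        {
            text += Environment.NewLine + ex.StackTrace;
        }
        return text;
    }
}
```

Because Demand walks the call stack, the reported level reflects the least-trusted caller on the stack, not only the trust level configured for the application.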


 


 


Minimal — indicates that features protected with a demand for the Minimal level will succeed. This level allows code to execute but not to interact with resources present on the system. This level is granted by configuring at least the Minimal trust level using the trust section in a configuration file. 


 


For example,



  • The entire HttpApplication, HttpCacheVaryByParams, HttpCachePolicy, HttpClientCertificate, HttpContext, HttpPostedFile, HttpRuntime, HttpServerUtility classes, and many others

are examples of classes protected with


AspNetHostingPermissionLevel.Minimal


 


 


None — indicates that no permission is granted. All demands for AspNetHostingPermission will fail. 


 


At this time, I’m not aware of any ASP.NET framework classes protected with AspNetHostingPermissionLevel.None.


 


Unrestricted — indicates that all demands for permission to use all features of an application will be granted. This is equivalent to granting Full trust level in the trust section in a configuration file. 


 


At this time, I’m not aware of any ASP.NET framework classes protected with AspNetHostingPermissionLevel.Unrestricted.


 


 


Sources: 


http://msdn2.microsoft.com/en-us/library/system.web.aspnethostingpermission.aspx


http://msdn2.microsoft.com/en-us/library/system.web.aspnethostingpermissionlevel.aspx


http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh09.asp


 

Comments (3)

  1. Johnny B says:

    Useful info. But would be nice if you indicated how to fix these types of error i.e. what to change and where?

    Thanks.

  2. irenak says:

    Check out the "ASP.NET Trust Levels and Policy Files" article at http://msdn2.microsoft.com/en-us/library/wyts434y.aspx

    Also, this might be of help:  http://msdn2.microsoft.com/en-us/library/tkscy493.aspx

  3. Larry Wakeman says:

    Hasn’t ANYBODY come up with a work-around to the HttpWebRequest trust issue in asp.net 2.0 when your hosting company won’t/can’t change the trust level on their shared server to full????