SYSK 188: Understanding AspNetHostingPermission…

  • Article

If you’ve ever seen “insufficient trust for...” types of error message, this blog post may be interesting to you…

 

AspNetHostingPermissionAttribute is a CodeAccessSecurityAttribute which controls access permissions in ASP.NET hosted environments.  For example, all public types in the System.Web and System.Web.Mobile are protected with demands for the Minimum level of this permission. This risk mitigation strategy is designed to ensure that Web application code cannot be used in other partial-trust environments without specific policy configuration by an administrator.

 

High -- indicates that features protected with a demand for any level less than or equal to the High trust level will succeed. This level is intended for highly trusted managed-code applications that need to use most of the managed permissions that support semi-trusted access. It does not grant some of the highest permissions (for example, the ability to call into native code), but it does provide a way to run trusted applications with least privilege or to provide some level of constraints for highly trusted applications. This level is granted by configuring at least the High trust level in the trust section in a configuration file. 

 

For example,

  • HttpApplication.Modules
  • HttpException.Results
  • HttpException.SourceCode
  • HttpRuntime.AppDomainAppId
  • HttpRuntime.AppDomainId
  • ProcessModelInfo.GetCurrentProcessInfo ProcessModelInfo.GetHistory

are examples of methods protected with

[AspNetHostingPermission(SecurityAction.Demand, Level=AspNetHostingPermissionLevel.High)]

 

Low -- indicates that features protected with a demand for any level less than or equal to the Low level will succeed. This level is intended to allow read-only access to limited resources in a constrained environment. This level is granted by specifying the Low trust level in the trust section in a configuration file. 

 

For example,

  • HttpWebRequest.Params
  • HttpWebRequest.ServerVariables
  • HttpRuntime.IsOnUNCShare

are examples of methods protected with

[AspNetHostingPermission(SecurityAction.Demand, Level=AspNetHostingPermissionLevel.Low)]

 

Medium -- indicates that features protected with a demand for any level less than or equal to the Medium level will succeed. This level is granted by configuring at least the Medium trust level in the trust section in a configuration file. 

 

For example,

  • HttpRequest.LogonUserIdentity
  • HttpResponse.AppendToLog
  • HttpRuntime.ProcessRequest

are examples of methods protected with

AspNetHostingPermissionLevel.Medium

 

In addition, some methods may alter the execution path based on the hosting permission level.  The following pseudo-code demonstrates the logic of outputting error info:

 

// Write error info, excluding sensitive info like call stack

if (HttpRuntime.HasAspNetHostingPermission(AspNetHostingPermissionLevel.Medium))

{

    // dump call stack

}

 

 

Minimal -- indicates that features protected with a demand for the Minimal level will succeed. This level allows code to execute but not to interact with resources present on the system. This level is granted by configuring at least the Minimal trust level using the trust section in a configuration file. 

 

For example,

  • The entire HttpApplication, HttpCacheVaryByParams, HttpCachePolicy, HttpClientCertificate, HttpContext, HttpPostedFile, HttpRuntime, HttpServerUtility classes, and many others

are examples of methods protected with

AspNetHostingPermissionLevel.Minimal

 

None -- indicates that no permission is granted. All demands for AspNetHostingPermission will fail. 

 

At this time, I’m not aware of any ASP.NET framework classes protected with  AspNetHostingPermissionLevel.None.

 

Unrestricted -- indicates that all demands for permission to use all features of an application will be granted. This is equivalent to granting Full trust level in the trust section in a configuration file. 

 

At this time, I’m not aware of any ASP.NET framework classes protected with  AspNetHostingPermissionLevel.Unrestricted.

 

 

Sources:

http://msdn2.microsoft.com/en-us/library/system.web.aspnethostingpermission.aspx

http://msdn2.microsoft.com/en-us/library/system.web.aspnethostingpermissionlevel.aspx

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/THCMCh09.asp