In this article I will give you a step by step guide on how to set and manage Net Trust levels with IIS Manager
What is a Net Trust Level? Trust Levels are ASP. Net permissions set in configuration files. These levels determine what operations can be performed by your applications. There are five Trust Levels, and any of them are applied in the web.config file. Instead of editing the file, we will use IIS Manager to change those trust levels.
1. Connect to your site with the Internet Information Services (IIS) Manager:
2. Go to menu “ASP.Net -> .Net Trust Levels“:
3. In the Trust Level page, you can choose five trust levels which are:
ASP.Net Applications get unrestricted access to any resource. It has all privileged operations enabled.
It is a high level code of access. It has the following restrictions:
- Can’t Call unmanaged code.
- Cannot Call serviced components.
- Cannot Write to the event log.
- No Access Message Queuing service queues.
- No Access ODBC, OleDb, or Oracle data sources.
It has the same restrictions as the High Level of trust, plus these:
- Cannot Access files outside the application directory.
- No Access the registry.
- Cannot Make network or Web service calls.
Low (web_lowtrust.config) -
It is the lowest level of code access security, it includes Medium level restrictions and also the following restrictions:
- Write to the file system.
- Call the Assert method.
In this trust level, the application has only execute permissions.
4. Select the trust level, Apply the changes and that’s it! .Net Trust Level has been changed
This concludes Managing Net Trust Levels with IIS Manager