Security, Trust Level in Web.Config

F

Fabrice

Hello,



One question about security. I try to secure my web application on IIS6 and
asp.net 1.1

I have differents questions about the element "trust level" in the
config.web to manage process rights.



Is a good idea to manipulate this configuration ?



<system.web>
<trust level="full/hight/medium/low/minimal"
originurl="http://www.website.com/*" />
</system.web>



If I configure my root Web.Config as following,



<system.web>
<trust level="minimal" originurl="http://www.website.com/*" />
</system.web>



All the page of my site will be execute with minimals rights (process) ?
This is right ?

And if i need to increase the rights can i create an another web.config in a
subdirectory with this configuration ?



<system.web>
<trust level="full" originurl=http://www.website.com/subdirectory/* />
</system.web>





Thanks for your help.



fabrice
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top