Full/Medium Trust Question

Discussion in 'Pre-sales questions' started by Guest, Mar 1, 2010.

Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.
  1. Guest

    Guest Guest

    Hi,
    I've searched the forums and found that DASP allows applications to run in Full Trust. Usually, this isn't recommended for a webhost because it means I could access someone else's files from my web application. However, am I right in believing that DASP's setup of running in different App Pools mitigates this security problem? If so, is there any need for me to have my web.config file set my app to run in medium trust or would that cause unneccessary problems? I would like my site to be as secure as possible (of course), but AJAX requires Full Trust. Am I allowed to install the DLL in my BIN directory (instead of relying on the GAC), which would then allow me to run AJAX in medium trust?

    Thanks
     
    Guest, Mar 1, 2010
    #1
  2. Takeshi Eto

    Takeshi Eto DiscountASP.NET Staff

    1. We can allow full trust because we host each site in their own isolated application pool. There are many hosts out there that jam many more sites onto a box and have to run their accounts in a shared app pool but then you have to run in medium trust to avoid security issues and any other site in the shared app pool can take down your site.
    2. On the Windows 2008 platform, you can control the trust level with your web.config file.
    3. You can bin deploy dlls in our hosting platform.
     
    Takeshi Eto, Mar 1, 2010
    #2
  3. Guest

    Guest Guest

    Just the answers I was hoping for :)
    I'm surprised at how so many hosts don't take basic security precautions when it comes to shared hosting. Nice to see DASP actually securing their sites!
     
    Guest, Mar 1, 2010
    #3
Thread Status:
Threads that have been inactive for 5 years or longer are closed to further replies. Please start a new thread.

Share This Page