Why Full Trust hosting is not recommended when using a shared ASP.NET or shared Windows hosting plan?

The default trust level for ASP.NET web applications is Full, which grants unrestricted permissions. This is a dangerous trust level when working in a shared environment because it allows one web application to interact with the file system of other web applications on the same server.

For example, if you are in a shared environment that physically arranges its shared web applications in a common folder (i.e., C:\Inetpub\wwwroot\WebApp1, C:\Inetpub\wwwroot\WebApp2, …, C:\Inetpub\wwwroot\WebApp3, and so on), one web application could use the following code to display the Web.config contents of all of the other web applications on the server:

For Each folder As DirectoryInfo In parentPathInfo.GetDirectories()
Dim fileOfInterest As String = Path.Combine(folder.FullName, "Web.config")
If File.Exists(fileOfInterest) Then
Dim webConfigReader As StreamReader = File.OpenText(fileOfInterest)
Response.Write(String.Format("<p><b>Data for File {0}:</b></p><p>{1}</p><hr />", fileOfInterest, _                                                 Server.HtmlEncode(webConfigReader.ReadToEnd())))
webConfigReader.Close()
End If
Next

Since connection strings are usually placed in Web.config, the user running the above code would now be able to connect to other customers databases, where there might be sensitive customer information. The point is, if an ASP.NET application is running in full trust, there’s nothing to stop them from reading, creating, modifying, or deleting files in your web application’s file system.

Looking for good Full Trust Windows / ASP.NET Hosting Plans - Try Webhost4life OR Alentus (We have been using them for years now) 

Fortunately, most web hosting companies follow the advice in Microsoft’s ASP.NET 2.0 Hosting Deployment Guide and place their shared web applications in medium trust. This is accomplished by modifying the machine-level Web.config file in the %windir%\Microsoft.NET\Framework\{version}\CONFIG folder. Moreover, this setting can be locked by the web hosting company.

Here are the permissions granted by the medium trust level:

Medium
Permissions are limited to what the application can access within the directory structure of the application.
No file access is permitted outside of the application’s virtual directory hierarchy.
Can access SQL Server
Can send email by using SMTP servers
Limited rights to certain common environment variables
No reflection permissions whatsoever
No sockets permission
To access Web resources, you must explicitly add endpoint ‘URLs’ - either in the originUrl attribute of the element or inside the policy file.

The following exceptions have been granted in addition to the ones listed above:
ODBC
OLEDB
Reflection Permissions
Web Permission

The main differences between ASP.NET 1.1 and ASP.NET 2.0 for the trust levels are the following:
In version 2.0, SQL Server access is available at Medium trust level because the SQL Server .NET Data Provider no longer demands full trust. In version 2.0, SMTP Permission is available at Full, High and Medium trust levels. This allows applications to send email.

To protect shared environment, you can also set the CAS (code access security) Level to Custom (some hosting companies do provide these settings). The custom setting is basically medium level with some exceptions including ODBC, OLEDB, sockets, Reflection Permissions and Web Permissions. Hosting company can set these custom permissions and can add more privileges. This setting cannot be overridden though, which is good.

Related posts brought to you by Yet Another Related Posts Plugin.