3.10 Ensure global .NET trust level is configured

Information

This applies to ASP.NET running on the .NET Framework 2.0 runtime. Later versions of the framework deprecated and then dropped support for CAS trust levels, so on those hosts this setting has no effect.

An application's trust level determines the permissions that are granted by the ASP.NET code access security (CAS) policy. CAS defines two trust categories: full trust and partial trust. An application that has full trust permissions may access all resource types on a server and perform privileged operations, while applications that run with partial trust have varying levels of operating permissions and access to resources.

The possible values for the Level property of the TrustSection class are:

Full: specifies unrestricted permissions and grants the ASP.NET application permissions to access any resource that is subject to operating system security; all privileged operations are supported

High: specifies a high level of code access security which limits the application from doing the following:

Call unmanaged code

Call serviced components

Write to the event log

Access Microsoft Windows Message Queuing queues

Access ODBC, OLE DB, or Oracle data sources

Medium: specifies a medium level of code access security, which means that in addition to the restrictions for High, the ASP.NET application cannot do any of the following things:

Access files outside the application directory

Access the registry

Low: specifies a low level of code access security, which means that in addition to the restrictions for Medium, the application is prevented from performing any of the following actions:

Write to the file system

Call the System.Security.CodeAccessPermission.Assert method to expand permissions to resources

Minimal: specifies a minimal level of code access security, which means that the application has only execute permission

It is recommended that the global .NET Trust Level be set to Medium or lower.

Rationale:

CAS determines the permissions that are granted to an application on the server. Setting the lowest trust level the hosted applications can still run with limits the damage a compromised application can do to the system, because the runtime denies the compromised code access to resources outside its trust level regardless of what the attacker attempts.

Solution

The trust level can be set through the IIS Manager UI, with appcmd.exe, by editing the configuration files directly, or with WMI scripts. To set the .NET trust level to Medium at the server level with appcmd.exe:

%systemroot%\system32\inetsrv\appcmd set config /commit:WEBROOT /section:trust /level:Medium

When appcmd.exe is used to configure the trust element at the global level in IIS, the /commit:WEBROOT switch must be included so that the change is written to the framework's root web.config file instead of applicationHost.config, which has no system.web section of its own.
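The following PowerShell script is an added example and is not part of the CIS benchmark or the Tenable plugin. It audits the global trust level by reading every .NET Framework root web.config under the default install path (%windir%\Microsoft.NET\Framework*, an assumption), ranks the level using the ordering from the Information section, reports anything above Medium, and wraps the appcmd remediation from the Solution section. It also reports whether the trust element sits inside a location element with allowOverride="false", since without that lock an individual site can raise its own trust level back to Full in its web.config.

```powershell
# Added example, not from the benchmark or plugin. Audits the global ASP.NET
# trust level in each framework root web.config and reports non-compliant files.
# Assumptions: default framework paths under $env:windir\Microsoft.NET, and the
# trust-level ordering Minimal < Low < Medium < High < Full from the text above.

$script:TrustRank  = @{ Minimal = 0; Low = 1; Medium = 2; High = 3; Full = 4 }
$script:MaxAllowed = 'Medium'   # benchmark recommendation: Medium or lower

function Get-GlobalTrustLevel {
    # One root web.config per installed runtime (32/64-bit, v2.0.50727, v4.0.30319, ...).
    $paths = Get-ChildItem -Path "$env:windir\Microsoft.NET\Framework*\v*\CONFIG\web.config" `
                           -ErrorAction SilentlyContinue
    foreach ($cfg in $paths) {
        [xml]$doc = Get-Content -LiteralPath $cfg.FullName -Raw
        # The root web.config declares no default XML namespace, so plain XPath works.
        $trust = $doc.SelectSingleNode('//system.web/trust')
        if ($null -eq $trust) {
            # ASP.NET defaults to Full when no trust element is present.
            $level = 'Full'; $explicit = $false; $loc = $null
        } else {
            $level = $trust.GetAttribute('level'); $explicit = $true
            # Nearest enclosing <location>; allowOverride="false" stops sites raising the level.
            $loc = $trust.SelectSingleNode('ancestor::location[1]')
        }
        $locked = ($null -ne $loc) -and ($loc.GetAttribute('allowOverride') -eq 'false')
        $compliant = $script:TrustRank.ContainsKey($level) -and
                     ($script:TrustRank[$level] -le $script:TrustRank[$script:MaxAllowed])
        [pscustomobject]@{
            ConfigFile = $cfg.FullName
            Level      = $level
            Explicit   = $explicit    # false means the Full default applies implicitly
            Locked     = $locked      # true means sites cannot override the global level
            Compliant  = $compliant
        }
    }
}

function Set-GlobalTrustLevelMedium {
    # Remediation from the Solution section: /commit:WEBROOT targets the root web.config.
    & "$env:windir\system32\inetsrv\appcmd.exe" set config /commit:WEBROOT /section:trust /level:Medium
}

# Usage: list every root web.config and warn if any is above the allowed level.
$results = @(Get-GlobalTrustLevel)
$results | Format-Table -AutoSize
if ($results | Where-Object { -not $_.Compliant }) {
    Write-Warning "Global .NET trust level above $script:MaxAllowed; run Set-GlobalTrustLevelMedium to remediate"
}
```

Because the script inspects every framework root web.config it finds, it covers whichever file appcmd /commit:WEBROOT writes to on the host. Run Set-GlobalTrustLevelMedium from an elevated prompt, then re-run the audit to confirm the change, and check the Locked column if the intent is that no site may raise its own trust level.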

See Also

https://workbench.cisecurity.org/benchmarks/14293

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6

Plugin: Windows

Control ID: c7dbbfda85347201b933946dd02e7a66e2c018c9d66f1466dcf0b1b6990b9c45