How to write to Web.Config in Medium Trust?

C#asp.netMedium Trust

C# Problem Overview

Uploading my first decently sized web app to my shared host provided me with a fresh set of challenges, by which I mean, sleepless nights. The issue was that I had most certainly not developed my application for medium trust (or had any clue what that was.)

I mitigated all of the issues, save one.

I had written an installer for the admin to be able to specify their connection string and other preferences, but I cannot find a way to write to a web.config in medium trust. Does anyone have a solution, or should I just be putting preferences in another file?

C# Solutions

Solution 1 - C#

That actually sounds like IIS's Low level. If it is, then you won't be able to write to any file, not just the web.config.

Here are the levels from IIS's help file:

  • Full (internal) - Specifies unrestricted permissions. Grants the ASP.NET application permissions to access any resource that is subject to operating system security. All privileged operations are supported.

  • High (web_hightrust.config) - Specifies a high level of code access security, which means that the application cannot do any one of the following things by default:
    • Call unmanaged code.
    • Call serviced components.
    • Write to the event log.
    • Access Message Queuing service queues.
    • Access ODBC, OleDb, or Oracle data sources.
  • Medium (web_mediumtrust.config) - Specifies a medium level of code access security, which means that, in addition to High Trust Level restrictions, the ASP.NET application cannot do any of the following things by default:
    • Access files outside the application directory.
    • Access the registry.
    • Make network or Web service calls.
  • Low (web_lowtrust.config) - Specifies a low level of code access security, which means that, in addition to Medium Trust Level restrictions, the application cannot do any of the following things by default:
    • Write to the file system.
    • Call the Assert method.
  • Minimal (web_minimaltrust.config) - Specifies a minimal level of code access security, which means that the application has only execute permissions.

I would suggest that if you are dead set on having an installer, have it create a web.config in memory that the user can save locally and FTP up afterward.

Categories
Recommended C# Solutions
Recommended asp.net Solutions

Previous Solution:

Microsoft Office 2007 file type, Mime types and identifying characters

MimeFile TypeOffice 2007

Next Solution:

Text Editor For Linux (Besides Vi)?

LinuxEditor

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionAaronView Question on Stackoverflow
Solution 1 - C#Rob AllenView Answer on Stackoverflow