C# 如何在 Medium Trust 中写入 Web.Config?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/562/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to write to Web.Config in Medium Trust?
提问by
Uploading my first decently sized web app to my shared host provided me with a fresh set of challenges, by which I mean, sleepless nights. The issue was that I had most certainly not developed my application for medium trust (or had any clue what that was.)
将我的第一个大小合适的网络应用程序上传到我的共享主机为我提供了一系列新的挑战,我的意思是,不眠之夜。问题是我肯定没有为中等信任开发我的应用程序(或者不知道那是什么。)
I mitigated all of the issues, save one.
我减轻了所有问题,只有一个。
I had written an installer for the admin to be able to specify their connection string and other preferences, but I cannot find a way to write to a web.config in medium trust. Does anyone have a solution, or should I just be putting preferences in another file?
我为管理员编写了一个安装程序,以便能够指定他们的连接字符串和其他首选项,但我找不到一种以中等信任写入 web.config 的方法。有没有人有解决方案,或者我应该将首选项放在另一个文件中?
回答by Rob Allen
That actually sounds like IIS's Lowlevel. If it is, then you won't be able to write to any file, not just the web.config.
这实际上听起来像 IIS 的Low级别。如果是,那么您将无法写入任何文件,而不仅仅是 web.config。
Here are the levels from IIS's help file:
以下是 IIS 帮助文件中的级别:
- Full (internal) - Specifies unrestricted permissions. Grants the ASP.NET application permissions to access any resource that is subject to operating system security. All privileged operations are supported.
- High (web_hightrust.config) - Specifies a high level of code access security, which means that the application cannot do any one of the following things by default:
- Call unmanaged code.
- Call serviced components.
- Write to the event log.
- Access Message Queuing service queues.
- Access ODBC, OleDb, or Oracle data sources.
- Medium (web_mediumtrust.config) - Specifies a medium level of code access security, which means that, in addition to High Trust Level restrictions, the ASP.NET application cannot do any of the following things by default:
- Access files outside the application directory.
- Access the registry.
- Make network or Web service calls.
- Low (web_lowtrust.config) - Specifies a low level of code access security, which means that, in addition to Medium Trust Level restrictions, the application cannot do any of the following things by default:
- Write to the file system.
- Call the Assert method.
- Minimal (web_minimaltrust.config) - Specifies a minimal level of code access security, which means that the application has only execute permissions.
- 完整(内部) - 指定不受限制的权限。授予 ASP.NET 应用程序访问任何受操作系统安全约束的资源的权限。支持所有特权操作。
- High (web_hightrust.config) - 指定高级别的代码访问安全性,这意味着默认情况下应用程序不能执行以下任何一项操作:
- 调用非托管代码。
- 调用服务组件。
- 写入事件日志。
- 访问消息队列服务队列。
- 访问 ODBC、OleDb 或 Oracle 数据源。
- 中 (web_mediumtrust.config) - 指定中等级别的代码访问安全,这意味着除了高信任级别限制之外,ASP.NET 应用程序默认不能执行以下任何操作:
- 访问应用程序目录外的文件。
- 访问注册表。
- 进行网络或 Web 服务调用。
- Low (web_lowtrust.config) - 指定低级别的代码访问安全,这意味着除了中等信任级别限制外,默认情况下应用程序不能执行以下任何操作:
- 写入文件系统。
- 调用断言方法。
- 最小 (web_minimaltrust.config) - 指定最低级别的代码访问安全,这意味着应用程序只有执行权限。
I would suggest that if you are dead set on having an installer, have it create a web.configin memory that the user can save locally and FTPup afterward.
我建议,如果您对安装程序一无所知,请让它web.config在内存中创建一个用户可以在本地保存并FTP随后保存的内存。
