Products

Evoq Content Overview Content Creation Workflow Asset Management Mobile Responsive Personalization Content Analytics SEO Integrations Security Website PerformanceEvoq Engage Overview Community Management  Dashboard  Analytics  Member Profile Gamification Advocate Marketing Community Engagement  Ideas  Answers  Discussions  Groups  Wikis  Events Mobile ReadyDNN Support PackagesEvoq: CMS FeaturesEvoq OnDemandCompare DNN's CMS Products

Solutions

Content Management SystemMulti-Channel PublishingDigital MarketingOnline Community ManagementIntranet Software SolutionOur CustomersPrime

Resources

Test DrivesSchedule A DemoDocumentation CenterWebinarsWhite PapersProduct ManualsRequest PricingData SheetsCase StudiesEvoq Preferred Products Content Management Ecommerce Forms Identity Management and Authentication Site Management Social Themes

Partners

DNN Partners Partner Directory Become a DNN Partner Partner Program Overview  Hosting  Implementation  ISV  Training  Competencies

Community

Participate Ask a Question Forums Community Showcase DNN MVP  Program Overview  Lifetime MVPs  Honorary MVPs Subscribe to DNN Digest Advisory Groups  Awareness Advisory Group  Developer Advisory Group  Partner Advisory Group  Technology Advisory GroupLearn Documentation Wiki Community Blog Video Library Project History Development RoadmapDownload DNN Store Language Packs Manuals Nightly BuildsSecurity Policies Security Center

Blog

About

News Press Releases News Coverage Press KitCareersContact DNN

QA

Ideas Test

New Community Website

Ordinarily, you'd be at the right spot, but we've recently launched a brand new community website... For the community, by the community.

Yay... Take Me to the Community!

Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...About Full TrustAbout Full Trust
Previous
 
Next
New Post
11/28/2011 2:06 PM
 
Ian Marlow


www.royal-southern.co.uk/
Joined: 2/20/2006
Posts: 876
About Full Trust
 
 I may need to move a site from medium to full trust and have two questions.
 
 What are the security implications to this?
 
 How do I do it?  I can see the commented out line   trust level="Full" originUrl=".*"
 Do I just uncomment and set to Full?
 
 Thanks
 
 Ian
Mutate and Survive
 
New Post
11/28/2011 7:25 PM
 
Matt Jura


www.wsi-internetmarketing.co.uk
Joined: 2/24/2010
Posts: 67
Full trust allows ASP.NET applications to execute native code, to read from the Registry and Windows Event Log, and to read and write to files outside of the application’s virtual directory. Medium trust limits the set of operations allowed, it will place a number of restrictions on an application, including limiting the file access. Many DNN modules require Full trust environment  to function properly. All of our sites run in Full trust and from our research and experience we found that there is no reason to do otherwise. General consensus is that you should run DNN in Full trust environment if possible.

As for setting the trust level it depends on your server and hosting provider.
For example on our shared hosting plans on 2008 servers we only need to change the web config file, however on plans running windows 2005 or erlier this is not possible and we needed to move the site to a specific full trust server.


WSI - DNN Gold Partner | WSI - Internet Marketing
Matt Jura - blog on design, web and DotNetNuke | Twitter @MattsDailyTweet
 
New Post
11/28/2011 7:35 PM
 
Joe Brinkman


Joe Brinkman's Avatar

blog.theaccidentalgeek.com
Joined: 5/18/2003
Posts: 2356

Ian,

  I have given many presentations on this topic and don't recommend anyone run at full trust if they can possibly avoid it.  Full trust gives code way too much power.  If you are not restricted by your hoster and have server access I would recommend creating a custom trust level that provides just the security permissions needed to run the modules needed for your site. It is not hard to craft a custom trust level and it means that at a minimum you aren't giving code the ability to write outside the application directory.  Running in full trust should be an absolute last resort.

Joe Brinkman
DNN Corp.
 
New Post
11/28/2011 8:18 PM
 
Matt Jura


www.wsi-internetmarketing.co.uk
Joined: 2/24/2010
Posts: 67

Hi Joe
Can we read up on this topic somewhere or get hold of the presentations. It looks as the opinion is split on this one, MItchel Sellers and other valued community members seem to advocate the opposite.

I know that in the past the core DNN had problems with Medium trust (it was a while back) and it would be interesting to see your take on the subject in more depth.

As they say, every day is a school day :)

 


WSI - DNN Gold Partner | WSI - Internet Marketing
Matt Jura - blog on design, web and DotNetNuke | Twitter @MattsDailyTweet
 
New Post
11/28/2011 8:22 PM
 
Ian Marlow


www.royal-southern.co.uk/
Joined: 2/20/2006
Posts: 876
Hi Joe and Matt
 
 Thank you both for you very informative replies.
 I am not qualified to debate the diametric "points of view" but in this case the site will hold a lot of personal information so to keep any "risk surface" as low as possible so I will go with Joe's advice.
 
 I have never heard of  of a custom trust level.  A quick search on msdn found this link - http://msdn.microsoft.com/en-us/library/wyts434y.aspx  - provided in the spirit of adding to this useful thread.
 
 Do you have any links to further information or advice specific to DNN ?
 
 Again Many Thanks to you both.
 
 Ian

Edit: Ilke your site Matt

Mutate and Survive
 
 Page 1 of 2
12Next 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...About Full TrustAbout Full Trust


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out