Telerik OpenAccess Classic

Telerik OpenAccess ORM Send comments on this topic.
Partial Trust Environments
See Also
Programmer's Guide > OpenAccess ORM Classic (Old API) > Deploying Telerik OpenAccess ORM > Partial Trust Environments

Glossary Item Box

This documentation article is a legacy resource describing the functionality of the deprecated OpenAccess Classic only. The contemporary documentation of Telerik OpenAccess ORM is available here.

Applications that use earlier versions of Telerik OpenAccess ORM prior to version 2008.3 require enough permissions so that the only security level they can use is full trust. With later versions of Telerik OpenAccess ORM, you can run applications under partial trust. A common example is an ASP.NET application that runs in a hosted environment. Typically, these types of applications require only enough permissions to run under medium trust. Depending on the Telerik OpenAccess ORM features that your application uses, you may need to grant additional permissions beyond those granted by a default partial-trust policy.

Overview of Partial Trust

Most common security mechanisms give rights to users based on their logon credentials (usually a password) and restrict resources such as directories and files that the users can access. However, this approach fails to address several issues: users obtain code from many sources, some of which might be unreliable; code can contain bugs or vulnerabilities that enable it to be exploited by malicious code.

To help protect computer systems from malicious mobile code, to allow code from unknown origins to run with protection, and to help prevent trusted code from intentionally or accidentally compromising security, the .NET Framework provides a security mechanism named code access security. Code access security allows code to be trusted to varying degrees depending on where the code originates and on other aspects of the code's identity. Code access security also enforces the varying levels of trust on code, which minimizes the amount of code that must be fully trusted in order to run. The security policy defines the level of trust and there are five default trust policies that you can assign to applications. These policies are named full, high, medium, low, and minimal. If an application has full security, code access security imposes no restrictions. Partial-trust policies impose various sets of constraints, such as restricting an application from accessing the local hard disk and from running unmanaged code.

If your application needs more permissions than those granted in a default trust level, such as medium trust, but you do not want to run in full trust, you can create a custom policy based on a default policy that grants the specific additional permissions that you need. For example, if you want to run in medium trust but you must grant your application read-only access to a directory on the user's file system, you can create a custom policy based on medium trust that also requests FileIOPermission for only that directory. Used correctly, this approach increases the functionality of your application while minimizing security risks to your users.

See Also