See Also: AspNetHostingPermission Members
The System.Web.AspNetHostingPermission class is used in conjunction with code access security to help protect public types in the System.Web namespaces. Code must be assigned at least the AspNetHostingPermissionLevel.Minimal trust level to access protected ASP.NET classes.
The System.Web.AspNetHostingPermission class's AspNetHostingPermission.Level property is set by configuring the appropriate trust level in the trust configuration element. By default, the level attribute of the trust configuration element is set to Full. That is, by default, ASP.NET applications run under the AspNetHostingPermissionLevel.Unrestricted level. When an ASP.NET application domain is created, ASP.NET reads the value specified for the level attribute of the trust configuration element, creates an instance of the System.Web.AspNetHostingPermission class with the specified AspNetHostingPermission.Level attribute, and then adds the class to the permission set for the application domain. For more information, see ASP.NET Trust Levels and Policy Files.
It is recommended that you set the level attribute of the trust configuration element to High for sites that are trusted. For sites that are not trusted, such as a Web server that hosts sites that run code from an external customer, it is recommended that you set the level attribute of the trust configuration element to Medium.
The permission sets that are defined by default for the .NET Framework (for example, LocalIntranet, Internet, and so on) do not include the System.Web.AspNetHostingPermission permission. That is, the System.Web.AspNetHostingPermission permission is only assigned, by default, to applications that are running under Full trust.