Our IIS servers just were upgraded to IIS 7.5. As part of the government mandated security tightening, they (the Data Center people) are now required to implement a Medium Trust Level. However the Medium Trust Level does not allow our application to do what is needed. We tried to get them to apply a Custom Trust Level using instructions we got from an MSDN article. It did not work. I started a thread in the General Forums catagory about it at http://forums.iis.net/t/1214527.aspx?Setting+Custom+Trust+level+with+changed+FileI+O+Permission It only got one answer, 12 days ago, which totally failed.
I am hoping that people more interested in security will access this thread and be able to assist us in this.
I have been informed on other forums that once a thread reaches a certain age then it is pointless to expect a reply and you might as well start a new thread. So although this is essentially a duplicate of the other thread I am hoping someone will see this and be able to give us the answer.
Update 7/24/2014: I have not received any assistance to this in the last 8 days. We have not forgotten this. We were successful in using the MS instructions to implement a custom trust level file that would allow us to use OLEDB connections while in what is otherwise the medium Trust level. So the MSDN article at http://msdn.microsoft.com/en-us/library/ff648344.aspx is not totally wrong. However, we still have not been able to implement the section on File I/O permissions. Since the article is about ASP.Net 2.0 permissions, we intend to create a test 2.0 web app and a test 2.0 app pool, put the customized tust level config under the 2.0 folder and try it there to see if we can modify the File I/O permission there.
Update 7/30/2014
Created test 2.0 app to do both oledb connection and read file outside of $AppDir. Put it in 2.0 app pool. Created custom trust level based on medium in 2.0 folder. Changed web config in 2.0 folder to use custom trust level.
App made Oledb connection but failed to read file outside of $AppDir. So MSDN article is incorrect. Reply on other thread referenced a reply on different thread http://forums.iis.net/p/1197427/2048658.aspx?ASP+Trust+level+web+config to create new location elements with a explicit path for the folder I want to read from. It did not work. Putting those location elements in caused all the apps on the site to fail with 500 errors.