Essential.Diagnostics contains additional trace listeners, filters and utility classes for the .NET Framework System.Diagnostics trace logging. Included are colored console, SQL database, rolling file, Seq logging server, and in-memory trace listeners, expression filters, activity and logical operation scopes, and configuration file monitoring.
Microsoft Reciprocal License
69
stars
25
forks
source link
Add MinimumTrustTraceSource; for use in low-trust environments #3
One issue with the framework TraceSource is that it doesn't work in low trust environments, such as those sometimes provided by web hosting companies. The reason behind this is supposedly security because arbitrary listener code can be injected by changing the config file (this code would then run in an elevated security context).
This is probably not for normal application logging as if you can change DLLs it would be easier to inject code by simply replacing the DLL, however I suppose the worry is call backs into tracing code may be made from some system components running with elevated permissions.
The idea would be to provide a syntactically equivalent trace source that makes it easy to change existing tracing code to work in a low trust environment with minimum change.
Calls from developer code would be traced by the low trust source as well as the system source, however system tracing (e.g. from System.Net, WIF, WCF, etc) will only be seen by the system source (i.e. still untraceable in low trust environments).
Not entirely sure of the best way to implement this (it needs more investigation - maybe there is already a solution), but I'd hate to lose developers to non-framework solutions simply because of the low trust issue.
One issue with the framework TraceSource is that it doesn't work in low trust environments, such as those sometimes provided by web hosting companies. The reason behind this is supposedly security because arbitrary listener code can be injected by changing the config file (this code would then run in an elevated security context).
This is probably not for normal application logging as if you can change DLLs it would be easier to inject code by simply replacing the DLL, however I suppose the worry is call backs into tracing code may be made from some system components running with elevated permissions.
The idea would be to provide a syntactically equivalent trace source that makes it easy to change existing tracing code to work in a low trust environment with minimum change.
Calls from developer code would be traced by the low trust source as well as the system source, however system tracing (e.g. from System.Net, WIF, WCF, etc) will only be seen by the system source (i.e. still untraceable in low trust environments).
Not entirely sure of the best way to implement this (it needs more investigation - maybe there is already a solution), but I'd hate to lose developers to non-framework solutions simply because of the low trust issue.