I have two web applications (pre-compiled sites), one is first-party and will run at full trust. Another is third-party and should run at partial trust (or with specific permissions).
TrustedAssembly.Web.Pages.MyPage should run in the full trust default AppDomain.
UntrustedAssembly.Web.Pages.SomePage should run in a partial trust AppDomain.
Furthermore, if TrustedAssembly.Web.Pages.MyPage dynamically loads UntrustedAssembly.Web.Controls.SomeControl is it possible to run the control in partial trust and/or with specific permissions, while the page runs under full trust?
And vice versa, e.g. UntrustedAssembly.Web.Controls.SomePage dynamically loads TrustedAssembly.Web.Controls.MyControl, is it possible to run the control in full trust while the page runs under partial trust?
Update/FYI: This is .NET 4
Doing this is likely to be a bit tricky. Here are two possible lines of thought:
The first is to run the app in Medium trust, but to place anything that you want running in full trust in the GAC, and what you want running in partial trust in bin.
Note that in your 'vice versa' scenario, the trusted control may need to perform a security 'assert' before being able to perform full trust operations. e.g.
(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)).Assert();
The second line of thought is to run the app in Full trust, but then load any assembly that you want running in Medium trust using a custom Evidence. e.g.
var evidence = new Evidence();
// Initialize the Evidence
Assembly.LoadFrom(path, evidence);
But be aware that correctly setting up the Evidence object is not for the faint of heart, and I'm not sure I would go does that path.
Not a complete answer, but hopefully some ideas that can lead to one :)