I developed an application client-server based where an user, using a
Http/Tcp .Net remoting connection, can open a tool to build aspx pages. On
its turn, these pages can be visited through a web browser resident on the
client application. In order to avoid the user can include a malicious code
in codebehind file (for instance File.Delete(path)), I want to limit the
access of the remote resources. For this goal, I have modified the web.config
file adding the following code:

<securityPolicy>
<trustLevel name="Custom" policyFile="web_CustomTrust.config" />
</securityPolicy>
<trust level="Custom" originUrl="" />

where web_CustomTrust.config is custom config file.
Actually this file coincides with web_hightrust.config fetched from
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONF IG.
However, through this file authorizes high trust level of access, when I try
to see the page using the web browser, an error occurs in the global.asax so
defined:

Exception Details: System.Security.SecurityException: Request for the
permission of type 'System.Security.Permissions.SecurityPermission, mscorlib,
Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:


Line 148: Application["remoteService"] = texService;
Line 149: }
Line 150: }
Line 151: }
Line 152:}

Can someone suggest how I can modify my web_CustomTrust.config to avoid this
problem ?
Thanks and best regards.