SharePoint MOSS 2007: Request for the permission of type ‘System.Data.SqlClient.SqlClientPermission, …’ failed - Part II
I suddenly realized I should just be using the medium policy rather than the minimal policy for all my web applications using custom Web Parts. It just so happens you can indeed change the policy used by the entire web application right in the web.config using the following element:
<trust level="WSS_Medium" originUrl="" />
...where the trust level is one already defined in the <securityPolicy> section of your web.config file.
You'll find that a web application created by sharepoint defines two policies for you by default in the web.config file:
<securityPolicy>
<trustLevel name="WSS_Medium" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_mediumtrust.config" />
<trustLevel name="WSS_Minimal" policyFile="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\config\wss_minimaltrust.config" />
</securityPolicy>
I assume they did this specifically for custom development (thank god!). In a standard sharepoint install without any custom development work, the minimal policy is perfect (and probably much more secure). If youre doing any custom webparts or server side controls though, do yourself a favor and switch to the medium policy right from the start.