Trust Levels

Trust levels are the foundation of file and dialog control. Each level sets the overall posture of a session toward the file system, and the built-in policy sets are named after them.

The four levels

LevelPostureTypical use
notrustMost restrictive. File access is denied or tightly mediated through controlled, browser-native dialogs.Sensitive applications; untrusted users; default starting point.
lowtrustLimited access to a constrained set of locations.Standard business users who need a defined working area.
fulltrustBroad file-system access with minimal mediation.Trusted administrators or applications that genuinely require it.
disposableEphemeral working area; files do not persist beyond the session.Throwaway tasks and high-isolation scenarios.

What a trust level affects

Under a restrictive trust level, file dialogs are mediated by a browser-native experience.

Choosing a level

Start at notrust and raise the level only where a workflow genuinely requires it. Most line-of-business applications work well at lowtrust with a small set of path rules. Reserve fulltrust for trusted operators. To apply a level, set it on the Security tab of a policy set — see File Access Policies.