Delen via


ASP.NET Required Access Control Lists (ACLs)

The following table shows which type of file and folder permissions the identity of an ASP.NET Web application must have in order to function properly. Some permissions are required only by the account that the ASP.NET process is running as, while others are required by any impersonated account also. For more information, see ASP.NET Impersonation.

Location

Access type

Account

Comments

%SystemRoot%\Microsoft.NET\Framework\versionNumber\Temporary ASP.NET Files

Read/write

Process or configured impersonation.

This is the location for dynamically compiled files. Beneath this location, application code generation takes place in a discrete directory for each application. You can configure the root location using the tempDir attribute of the <compilation> configuration section.

%SystemRoot%\assembly

Read

Process or configured impersonation.

This is the location of the global assembly cache (GAC).

%SystemRoot%\System32

Read

Process

Contains system DLLs loaded by the .NET Framework.

%SystemRoot%\Temp

Read/write/delete

Process

Used for Web services support.

User profile directory

Read/write

Process

Used by the GAC cache lock files and the security configuration caching mechanism of the common language runtime. If the user profile directory for the account does not exist, ASP.NET uses the default user profile directory.

Web application directory

Read

Process or configured impersonation.

This is the location for application files.

Web application directory\App_Data

Read/write

Process or configured impersonation.

This is the default location for data files in an ASP.NET Web application. If your application uses the App_Data subdirectory, the ASP.NET process must be able to write to the directory and for some databases, to be able to create temporary files in the subdirectory.

%SystemRoot%\Microsoft.NET\Framework\version and subdirectories

Read

Process or configured impersonation

ASP.NET must be able to access the system assemblies referenced in the Machine.config file in the CONFIG subdirectory under %SystemRoot%\Microsoft.NET\Framework\version\.

See Also

Other Resources

ASP.NET Web Application Security