Required Access Control Lists (ACLs) for ASP.NET
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1
The following table shows which type of access permissions ASP.NET must have in order to access the listed locations.
| Location | Access type | Account | Comments |
|---|---|---|---|
installroot\ASP.NET Temporary Files |
Read/Write/Execute |
Process or configured impersonation. |
This is the location for dynamically compiled files. Beneath this location, application code generation takes place in a discrete directory for each application. The root location itself can be configured using the tempDir attribute of the <compilation> section. |
systemroot\assembly |
Read/Execute |
Process or configured impersonation. |
This is the location of the global assembly cache. |
systemroot\system32 |
Read/Execute |
Process |
Contains system DLLs loaded by the .NET Framework. |
systemroot\temp |
Read/write/delete |
Process |
Used for XML Web services support. |
userprofile directory |
Read/write |
Process |
Used by the global assembly cache lock files and the common language runtime security configuration caching mechanism. If the user profile directory for the account does not exist, ASP.NET will use the default userprofile directory. |
application directory |
Read |
Process or configured impersonation. |
This is the location for application files. |
installroot hierarchy |
Read/Execute |
Process or configured impersonation |
ASP.NET must be able to access the system assemblies referenced in the Machine.config file in the config subdirectory under installroot. |
Default Web Site monitoring |
Read |
Process |
Used for file change notification monitoring. |