ASP.NET Required Access Control Lists (ACLs)
The following table shows which type of access permissions ASP.NET must have in order to access the listed locations.
Location | Access type | Account | Comments |
---|---|---|---|
installroot\ASP.NET Temporary Files | Read/write | Process or configured impersonation. | This is the location for dynamically compiled files. Beneath this location, application code generation takes place in a discrete directory for each application. The root location itself can be configured using the tempDir attribute of the <compilation> section. |
systemroot\assembly | Read | Process or configured impersonation. | This is the location of the global assembly cache. |
systemroot\system32 | R | Process | Contains system DLLs loaded by the .NET Framework. |
systemroot\temp | Read/write/delete | Process | Used for web services support. |
userprofile directory | Read/write | Process | Used by the global assembly cache lock files and the common language runtime security configuration caching mechanism. If the user profile directory for the account doesn't exist, ASP.NET will use the default userprofile directory. |
application directory | Read | Process or configured impersonation. | This is the location for application files. |
installroot hierarchy | Read | Process or configured impersonation | ASP.NET must be able to access the system assemblies referenced in the Machine.config file in the config subdirectory under installroot. |
Default Web Site monitoring. | Read | Process | Used for file change notification monitoring. |