This documentation is archived and is not being maintained.

ASP.NET Required Access Control Lists (ACLs)

The following table shows which type of access permissions ASP.NET must have in order to access the listed locations.

LocationAccess typeAccountComments
installroot\ASP.NET Temporary FilesRead/writeProcess or configured impersonation.This is the location for dynamically compiled files. Beneath this location, application code generation takes place in a discrete directory for each application. The root location itself can be configured using the tempDir attribute of the <compilation> section.
systemroot\assemblyReadProcess or configured impersonation.This is the location of the global assembly cache.
systemroot\system32RProcessContains system DLLs loaded by the .NET Framework.
systemroot\tempRead/write/deleteProcessUsed for web services support.
userprofile directoryRead/writeProcessUsed by the global assembly cache lock files and the common language runtime security configuration caching mechanism. If the user profile directory for the account doesn't exist, ASP.NET will use the default userprofile directory.
application directoryReadProcess or configured impersonation.This is the location for application files.
installroot hierarchyReadProcess or configured impersonationASP.NET must be able to access the system assemblies referenced in the Machine.config file in the config subdirectory under installroot.
Default Web Site monitoring.ReadProcessUsed for file change notification monitoring.

See Also

ASP.NET Web Application Security