--- John <[EMAIL PROTECTED]> wrote: > By giving the aspnet account write permissions to my chosen directorys it > seems to allow my class to generate the html pages even though write > permissions is unchecked within IIS.
That's correct. The write option in IIS is a permission for the remote user, rather than the server process your code is running in. Security for the server process can and should be controlled by normal Windows security, such as NTFS permissions. > And are there any security implications if I do things this way? Not if you're careful. There's the possibility that someone will keep hitting the page to fill the hard-disk, but you've probably prevented that by your own mechanism. Just avoid giving too many permissions. Peter __________________________________________________ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
