Configuring ASP.NET File Upload Security Permissions on Upload or Download Folders
It is a common application that web sites or web applications allow users to upload files to storage folders or file storage databases.
But sometimes configuring security NTFS permissions for download or upload folders may be confusing and frustrating.
For ASP.NET applications, IIS (Internet Information Server) let's the ASP.NET machine account to process the asp.net web requests.
Here you can find screenshot summarizing and displaying how the ACL (Access Control Lists) is arranged for an upload folder for an ASP.NET web site application.
In this sample we have a donwload folder named FSBDownloads.
This download/upload folder is configured as a virtual folder in the IIS console with an alias name "Documents".
Using the IIS Management Console, the Documents virtual folder is configured as shown in the below screenshot.
The Documents folder is allowed for "Write" which differs upload folders from ordinary web application folders.
On the other side, if we put the web server aside, if we look at the security properties of the download/upload folders for file system security, you can see that the ASP.NET Machine Account is configured with Modify (and also Write) permissions on the folder ACL.