About access to the ' path is denied problem resolution

Before the comparison often encountered this problem, that is, the Web site files do not have access rights (more is not modify the permissions, because generally have everyone's Read permission), to say that solve this problem is very simple, directly to the Everyone user group to add Modify permission is good

Method: On the directory or file to be manipulated by right-clicking = "Property =" Safe, click Add button, enter everyone, click OK, and then check the Allow modification on the OK

But there are some security risks in doing so, think about it, any one can edit the files on your website.

I have also searched a lot of posts before, and they are written to the ASPNET user to add permissions, but actually after I test, This can be done on the IIS5.0, but not in IIS6 (Win2003), all users (not the user group) have added write test again, not, I wonder, the operation of Windows files must be users, why the user plus Modify permissions is not it.

Later thought of the Windows2003 log function, it can record files and directory related logs, start this audit policy:

1, open the "management tool" in the local security policy, find the "local policy" = "Audit policy, double-click on the right" Audit object access ", hook success, failure;

2, point start = "Run, input: gpupdate, update the above changes;"

3, casually find a website file, press right = "property =" Safe, click the Advanced button, enter the "Audit" tab, add point, enter everyone, point OK, come out the following window, check "Change Permissions" (below we want to modify this file through the Web page), the last way to determine;

Now we edit a Web page, can be in the background through the code to modify and save the file, and open IE, access to the previous page, after the successful editing (plus everyone's Modify permissions),

We go into the server's Event Viewer, in security, we can see the log associated with this file,

I finally found out it was network service. This built-in security principal is operating (why the built-in security principal, not the user, I don't know)

It just describes one of my ideas and also tells you how to use the Windows File directory auditing feature ^_^

Remark: After I find out is Network service, then to search Network service, found that online has a lot of answers, depressed ...

The most depressing thing is that when I look at the access to the "path is denied problem page, I find it clearly reads:

ASP.net has a base process identity (typically {machine}/ASPNET on IIS 5 or network Service on IIS 6) This is use D If the application is not impersonating

Once again depressed ........ .....