Difficulty disabling the read-only attribute on an ASP.net working

I think the "best practices" would say to put your data folder
*outside* of your web application directory structure. If your data
files are *inside* your website, then users can just navigate directly
to the files and download them using the browser. If you are not
worried about security, then don't worry about it.

When the files are *outside*, then you need to grant access to the
ASPNet worker process. Right click on the folder from file explorer
and give permission to the "user" that runs your asp.net apps. It is
usually "(machine name) \ ASPNET" for IIS 5 & WinXP or "(machine name)
\ Network Service" for IIS 6 and Win2003.

Are you using SourceControl (like visual sourcesafe)? This could be
resetting the read-only attribute whenever you "get latest".

I think the "best practices" would say to put your data folder
*outside* of your web application directory structure. If your data
files are *inside* your website, then users can just navigate directly
to the files and download them using the browser. If you are not
worried about security, then don't worry about it.

When the files are *outside*, then you need to grant access to the
ASPNet worker process. Right click on the folder from file explorer
and give permission to the "user" that runs your asp.net apps. It is
usually "(machine name) \ ASPNET" for IIS 5 & WinXP or "(machine name)
\ Network Service" for IIS 6 and Win2003.

Are you using SourceControl (like visual sourcesafe)? This could be
resetting the read-only attribute whenever you "get latest".

Hi Jeff,

I'm not sure if I've fully understood your question. However, if you're
overwriting a common file in a directory, remember your webpage could be
visited by multiple users at the same time, and they will all write to the
same file. This will certainly overwrite each other's data.

If the file is only used to collect data from user input and will be used
only once (deleted when finished using), then I would recommend use the
temporary file approach. If these files will be needed to keep for each
user, then maybe a database is more appropriate here. For example, you
could use a SQLSERVER Express database or an Access MDB database, both can
be stored at the App_Data folder, which is protected by ASP.NET and cannot
be directly visited by your user.

Sincerely,
Walter Wang (wa****@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Hi Jeff,

How's the status of this post?

Regards,
Walter Wang (wa****@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Walter thanks for your quick response.

I am using the session id to generate unique file names so I don't believe I
will have a problem with overwriting. I won't need these files again so I
am leaning toward temp space. I would like to avoid making changes to
permissions at run time.

Thanks again,

Jeff
"Walter Wang [MSFT]" wrote:

Hi Jeff,

I'm not sure if I've fully understood your question. However, if you're
overwriting a common file in a directory, remember your webpage could be
visited by multiple users at the same time, and they will all write to the
same file. This will certainly overwrite each other's data.

If the file is only used to collect data from user input and will be used
only once (deleted when finished using), then I would recommend use the
temporary file approach. If these files will be needed to keep for each
user, then maybe a database is more appropriate here. For example, you
could use a SQLSERVER Express database or an Access MDB database, both can
be stored at the App_Data folder, which is protected by ASP.NET and cannot
be directly visited by your user.

Sincerely,
Walter Wang (wa****@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscripti...ult.aspx#notif
ications. If you are using Outlook Express, please make sure you clear the
check box "Tools/Options/Read: Get 300 headers at a time" to see your reply
promptly.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscripti...t/default.aspx.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

Thanks group reader,

It shouldn't be visual source safe because the problem can occur multiple
times without ever accessing the project. I would like to be able to set any
permissions needed once within the project. I am leaning toward temp space
as I don't need to retain these files and I suspect that Network service
probably already has permissions to this.

Thanks,

Jeff

"GroupReader" wrote:

I think the "best practices" would say to put your data folder
*outside* of your web application directory structure. If your data
files are *inside* your website, then users can just navigate directly
to the files and download them using the browser. If you are not
worried about security, then don't worry about it.

When the files are *outside*, then you need to grant access to the
ASPNet worker process. Right click on the folder from file explorer
and give permission to the "user" that runs your asp.net apps. It is
usually "(machine name) \ ASPNET" for IIS 5 & WinXP or "(machine name)
\ Network Service" for IIS 6 and Win2003.

Are you using SourceControl (like visual sourcesafe)? This could be
resetting the read-only attribute whenever you "get latest".

Hi Jeff,

Thanks for the update. Please feel free to let me know if you have anything
else unclear when using the temporary file approach.

Regards,
Walter Wang (wa****@online.microsoft.com, remove 'online.')
Microsoft Online Community Support

==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================

This posting is provided "AS IS" with no warranties, and confers no rights.