This project is read-only.

Security concerns.. how does this work?

Feb 29, 2008 at 2:48 PM
I really like this kit and would love to use it to make my site, however I have some concerns about how it works.. From what I can tell you have to give 'modify' level access to the appdata folder for the IISUser account. (or is it some other account?)

1) What are the security issues with doing this? It seems to me that allowing that sort of access to the website folder would open security holes.

2) Does the rest of the site also need 'modify' access or only that one folder?

3) Can the location of this app_data folder be moved if necessary? (i.e. host doesnt allow 'modify' access inside the web site)