Permissions to install Themes, Widgets, Components and to configure them

Topics: Controls, Themes
Jun 20, 2012 at 2:01 PM

Second Newbie question...

In the installation instructions of blogengine it is specified that the ASP.Net user needs to have full control only on the App_Data folder. But I've noticed that to modify settings for the Captcha components it is necessary for the user to be able to write on the web.config of the application.

Installing the themes mean that the user needs permissions to write on the themes folder and sometimes the themes don't install or don't work because they need to write in other folders.

Installing components and Widgets has the same problem.

Now what permissions do I have to give to the ASP.Net service user to be sure the blog administrator can do all the administrative tasks on the blog.

Thank you in advance.

Jun 20, 2012 at 2:45 PM

Yes, you absolutely right. At a minimum, App_Data needs write access. But for full admin functionality:

/app_code/extensions - to install extensions at runtime.

/scripts - extensions might use this to add custom javascripts

/styles - for custom styles

/themes - to install themes from gallery at runtime

/user controls - can be used to install custom controls, for example extensions use it to install custom admin page

/widgets - to install widgets from gallery

/web.config - it is not really modified, but used to restart IIS by changing time stamp and forcing application pool to recycle.

It is all *optional* and for locked down environment can be read only, with admin functionality limited.