How to minimize exposure for a ASP.NET application?

view story

http://serverfault.com – I often need to give write permissions on a folder or a file for ASP.NET applications deployed in different environments. In which case is it better/required to give write permission to NETWORK Service rather than ASPNET user or IIS_WPG ? (HowTos)