According to this MSDN article about medium trust, under medium-trust:

FileIOPermission is restricted. This
means you can only access files in
your application’s virtual directory
hierarchy. Your application is granted
Read, Write, Append, and PathDiscovery
permissions for your application’s
virtual directory hierarchy.

However, for my current hosting provider runs applications under medium-trust and when I try to read/write a file in the application’s root folder, I get a access to path 'myfile.xml' denied error.

This file is read using the following bit of code

XElement file = XElement.Load(HttpContext.Current.Server.MapPath("~/myfile.xml"));

Update Full Error:

Access to the path
‘C:\WebSites\mywebsite\myfile.xml’ is
denied.

Description: An unhandled exception
occurred during the execution of the
current web request. Please review the
stack trace for more information about
the error and where it originated in
the code.

Exception Details:
System.UnauthorizedAccessException:
Access to the path
‘C:\WebSites\mywebsite\myfile.xml’ is
denied.

ASP.NET is not authorized to access
the requested resource. Consider
granting access rights to the resource
to the ASP.NET request identity.
ASP.NET has a base process identity
(typically {MACHINE}\ASPNET on IIS 5
or Network Service on IIS 6 and IIS 7,
and the configured application pool
identity on IIS 7.5) that is used if
the application is not impersonating.
If the application is impersonating
via ,
the identity will be the anonymous
user (typically IUSR_MACHINENAME) or
the authenticated request user.

To grant ASP.NET access to a file,
right-click the file in Explorer,
choose “Properties” and select the
Security tab. Click “Add” to add the
appropriate user or group. Highlight
the ASP.NET account, and check the
boxes for the desired access.

Source Error:

An unhandled exception was generated
during the execution of the current
web request. Information regarding the
origin and location of the exception
can be identified using the exception
stack trace below.

Stack Trace:

[UnauthorizedAccessException: Access
to the path
‘C:\WebSites\mywebsite\myfile.xml’ is
denied.]
System.IO.__Error.WinIOError(Int32
errorCode, String maybeFullPath)
+12892935 System.IO.FileStream.Init(String path,
FileMode mode, FileAccess access,
Int32 rights, Boolean useRights,
FileShare share, Int32 bufferSize,
FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String
msgPath, Boolean bFromProxy, Boolean
useLongPath) +2481
System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess
access, FileShare share, Int32
bufferSize, FileOptions options,
String msgPath, Boolean bFromProxy)
+229 System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess
access, FileShare share) +102
System.Xml.XmlWriterSettings.CreateWriter(String
outputFileName) +5224496
System.Xml.Linq.XElement.Save(String
fileName, SaveOptions options) +108
mesoBoard.Services.SiteConfig.UpdateCache()
+1971 mesoBoard.Web.MvcApplication.OnApplicationStarted()
+62 Ninject.Web.Mvc.NinjectHttpApplication.Application_Start()
+604

[HttpException (0x80004005): Access to
the path
‘C:\WebSites\mywebsite\myfile.xml’ is
denied.]
System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext
context, HttpApplication app) +3985477
System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr
appContext, HttpContext context,
MethodInfo[] handlers) +191
System.Web.HttpApplication.InitSpecial(HttpApplicationState
state, MethodInfo[] handlers, IntPtr
appContext, HttpContext context) +325
System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr
appContext, HttpContext context) +407
System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr
appContext) +375

[HttpException (0x80004005): Access to
the path
‘C:\WebSites\mywebsite\myfile.xml’ is
denied.]
System.Web.HttpRuntime.FirstRequestInit(HttpContext
context) +11524352
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext
context) +141
System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest
wr, HttpContext context) +4782309