You can do this by implementing the UnifiedFileSystem. Read the following whitepaper to get a clue. http://www.episerver.com/downloads/Documents/TechNotes/EPiServer%204.40/Configuring%20the%20File%20System.pdf You will then be able to set the rights on the folders in the upload directory the same way you do with pages. You need v 4.31 or higher. No additional modules must be installed. It's shipped with EpiServer, but not enabled by default.

Thanks - I read about this in the book but I am getting conflicting information about which version it works in. The document you mentioned says it was introduced in 4.30. Either way I had a suspicion it was the unified system but now Ive got 2 sources that confirmed it :) /John