SPUser myUser null; try lowUnsafeUpdates true; myUser web. OpenWeb bool oldAllowUnsafeUpdates lowUnsafeUpdates; try SPList spList sts"some list SPListItem spLisItem tItemById(someId / need to set since we are going to modify SPListItem lowUnsafeUpdates true; eakRoleInheritance(false SPRoleDefinition reader ader SPGroup someGrp oups"somegroup SPRoleAssignment roleAssignment new SPRoleAssignment(someGrp d(reader / need to set since BreakRoleInheritance method. Web and when you try to update anything such as web or list properties, list items metadata etc, you may get the exception listed above. Usually when you create your own SPSite or SPWeb objects,.e. Following is the code snippet for the same., sPWeb web rrent. The way this works is that if your application is running in an httpcontext (i.e. EnsureUser, ensureUser looks for the specified user login inside teUsers collection, and if the login isnt found, turns toActiveDirectory for the purpose of retrieving the user information from there. This problem is resolved easily by setting theAllowUnsafeUpdates of the parent web object to true. Web; lowUnsafeUpdates true; / Perform the list/list item/web update lowUnsafeUpdates false; Detail:-, the Microsoft idea behind introducing the AllowUnsafeUpdates property is to protect YOU from cross-site scripting attacks.