Article ID: 2564833 - View products that this article applies to.
By default, the web.config of a SharePoint web application contains the <identity impersonate="true" /> element that allows the application to impersonate the currently logged on user. Any change in this configuration is not supported.
Disabling impersonation by changing the value of the impersonate element from 'True' to 'False' provides every logged on user with the application pool account privileges (the highest level of permissions) regardless of their actual rights in SharePoint.
(http://go.microsoft.com/fwlink/?LinkId=151500)for other considerations.