Use SPSecurity.RunWithElevatedPrivileges for all disk operations because incoming user is unlikely to have permissions to write anything to server's file system.
SPSecurity.RunWithElevatedPrivileges(delegate()
{
// open/write/close file here.
// Avoid touching SPxxxx objects from outside of this delegate
});