This is usually considered to be a bad practice.  Application
configuration files should only contain values that are "configure
once".  The reasons for this vary depending on the environment you work
in. For example in Windows forms applications a least privileged user
(i.e. a non-admin/non-power user) does not have the ability to write to
application director. In ASP.Net applications you run into the problem
that when the configuration file is written to the website resets itself
(effectively crashing whatever was being worked on by the users of the
site at that point in time).

A better option is to create your own custom configuration file to
contain application settings that you want to update on the fly.  You
can then put a file watch on this custom settings file so that your
application will know to reload the settings if it ever changes. From
there you can simply use whatever means you want to read and write the
file (i.e. XmlReader/Writer, Ini Interop, StreamReader/Writer...).  Just
be sure to test with an account that represents the same security rights
and privileges that the user of the application (or the host process)
will be using or you will likely get a shock when you deploy to your
production environment.

If you are creating a Windows forms application be sure to check into
using Isolated Storage and or the Application Data or User Data folders.
 You can find information on all three of these in the help files (they
are simply locations that Windows provides to help make sure the user
has the correct privileges to write files to).  Hope this helps.

Have A Better One!

John M Deal, MCP
Necessity Software