WCF REST Service - 401 Unauthorized

We're in the process of developing a WCF REST web service which just receives a bunch of arbitrary text from any anonymous user and then performs some processing on the back end.

For example, here's one method from our web service:

[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
public class MyRESTService : IMyRESTService
{
    [WebInvoke(Method = "PUT", UriTemplate = "/MyRESTMethod?paramA={paramA}&paramB={paramB}")]
    public Stream MyRESTMethod(string paramA, string paramB, Stream rawData)
    {
        //do some stuff...
    }
}

If we just use the default IIS settings we get a (401) Unauthorized. However, after much trial and error we figured out that we could get it to work by giving WRITE access to 'Everyone' on the actual .svc file for our service.

My question is: why in the world would IIS need to have WRITE access to an .svc file for this to work? Is there a better way or am I stuck with this hackish (and possibly insecure) workaround?

WTF Microsoft?

Possibly related:

• PUT and DELETE in RESTful WCF Service cause 401 Unauthorized error
• IIS7 Post/Put/Patch/Delete WCF oData - Authentication Failure 401.3