I recently encountered intermittent 403 Forbidden errors on a Windows SharePoint Services (WSS) site. Most of the site would work, but when users accessed certain functions such as uploading a document or adding calendar items, they would receive a 403 forbidden error. The problem appeared to be intermittent, however I was able to identify a pattern to the behavior. If an administrator accessed the feature that caused the error, subsequent requests from non-administrators would succeed. This behavior is typically associated with lack of permissions to the temporary folder where Asp.Net assemblies are Just In Time compiled. To troubleshoot the issue, I used the filemon utility.
Filemon identified that the w3wp.exe was attempting to access the /bin directory in the context of the requesting user account through impersonation.
A quick check of the bin directory permissions revealed only administrators could access the bin directory, so the solution is to add server\users Read & Execute, List Folder Contents and Read permissions.