[cvsnt] cvstemp

Tony Hoyle tmh at nothing-on.tv
Wed Aug 21 17:52:00 BST 2002


On Wed, 21 Aug 2002 16:36:59 +0100, "Kevin Jones" <kevinj at develop.com>
wrote:


>So my cvstemp isn't on a network share, and is open to everyone, so is
>there some problem with impersonation in the current drop? Is there any
>way to determine the user being impersonated?
>
It's the user who is logged in to cvs in the normal case, or the user
who is listed as the real user in the passwd file if you're using
username aliases.

The resulting token is a member of Local,Interactive,Authenticated and
Everyone (and their own user), plus whatever the PDC has returned via
LsaEnumerateAccountRights. 

In the worst case opening up the directories to 'Everyone' (and making
sure that the parent directories have at least read privileges)
should always work.

You could try putting auditing on the directory.  It might give a hint
at to what's wrong.

Tony




More information about the cvsnt mailing list