[cvsnt] Re: permission denied when users are not admins on the server (using :pserver:)
Glen Starrett
glen at starretthome.net
Thu Dec 22 15:24:14 GMT 2005
Oliver Giesen wrote:
> Glen Starrett wrote:
>
>
>>Traversal is an advanced right. You could assign 'read' as a basic
>>right that includes traversal (I usually do).
>
>
> Ah thanks, found it now. I'll pass that on to the customer. Wouldn't
> really matter anymore to him, though. I convinced him of using :sspi:
> on the default port in the end... ;)
>
> Still, I'm curious why there obviously are different requirements for
> NTFS privileges depending on which authentication protocol is used...
> Any ideas?
SSPI uses impersonation, so CVSNT *is* the user when doing the
traversals to the repository. When not in SSPI, it's not -- I would
guess their user accounts have more permissions on the paths than their
'run as' user has (default is SYSTEM for all I think).
--
Glen Starrett
More information about the cvsnt
mailing list