[cvsnt] access control on clients (not users)
Suresh Venkateswaran
suresh.venkateswaran at us.ibm.com
Fri Nov 14 18:34:22 GMT 2003
All,
Does the CVSNT server identify the client machine from which a request is
being made? If so, how does it do it? IP address? I am using the pserver
protocol (cant use sspi because its not one of the options supported by
Eclipse).
I am looking for a way to specify an acceptable range of client machines
from which the server should accept requests. Any help in this direction
would be much appreciated.
Cheers,
Suresh Venkateswaran.
"Glen Starrett"
<grstarrett at cox.n To: "'Morris, Jason'" <jason.morris at intel.com>, <cvsnt at cvsnt.org>
et> cc:
Sent by: Subject: RE: [cvsnt] CVSNT Security using NTFS questions
cvsnt-bounces at cvs
nt.org
11/12/2003 11:47
AM
> Another question I have is what if you have conflicting privileges
> granted between NTFS and the writers file...which permissions will CVS
> use?
>
> Say UserA has RO NTFS permission on a module, however UserA
> is listed in
> the writers file...will UserA be allowed to commit? How about vice
> versa?
It's an AND relationship. CVSNT doesn't check the NTFS permissions
directly, it impersonates the user. If the user is attempting to check in
files, CVSNT does check the writers file. So both NTFS permissions and the
writers file (if present) need to grant the user the rights to commit
changes.
In your example, CVSNT would try to commit but be stopped by the NTFS
permissions. Result: denied.
Regards,
Glen Starrett
_______________________________________________
cvsnt mailing list
cvsnt at cvsnt.org
http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt
More information about the cvsnt
mailing list