[cvsnt] Re: permission denied when users are not admins on the server (using :pserver:)

Glen Starrett glen at starretthome.net
Thu Dec 22 15:24:14 GMT 2005


Oliver Giesen wrote:
> Glen Starrett wrote:
> 
> 
>>Traversal is an advanced right.  You could assign 'read' as a basic
>>right that includes traversal (I usually do).
> 
> 
> Ah thanks, found it now. I'll pass that on to the customer. Wouldn't
> really matter anymore to him, though. I convinced him of using :sspi:
> on the default port in the end... ;)
> 
> Still, I'm curious why there obviously are different requirements for
> NTFS privileges depending on which authentication protocol is used...
> Any ideas?

SSPI uses impersonation, so CVSNT *is* the user when doing the 
traversals to the repository.  When not in SSPI, it's not -- I would 
guess their user accounts have more permissions on the paths than their 
'run as' user has (default is SYSTEM for all I think).


-- 
Glen Starrett



More information about the cvsnt mailing list