[cvsnt] Re: Error with 2.0.51d ends with "results may not be correct"
tmh at nodomain.org
Fri Sep 3 09:55:53 BST 2004
Gates, Donald T. wrote:
> However, it bothers me that I must grant read and list access to all the
> directories (from the root of the drive volume) all the way down to the CVS
> repository's directory. This seems wrong to me. I don't want my users to
> have the ability to traverse these directories.
To use a subdirectory you should have traverse anyway - that's the
purpose of the traverse permissions. You shouldn't need to grant read.
> Why can't the CVSNT server process use its rights (as SYSTEM, I assume) to
> traverse the intervening directories (from the volume's root down to the CVS
> repository's directory) and THEN examine the user's ACL to see if they have
> rights to the module they are trying to access? (In a sense, isn't this the
> same as the "virtualized" path to the repository's root that Tony
> implemented some years ago?)
It's not working like that. You've always needed the permissions as CVS
needs to know the correct case for all the directories in its path. The
warning (it's not an error) was added because people were getting
strange results because of the lack of permissions - warning them up
front lets them solve it without having to deal with those problems.
More information about the cvsnt