Under the traditional CVS execution model, the server runs as the user checking in the file. For some security requirements this is inadequate, so CVSNT also provides a RunAsUser parameter (in the /etc/cvsnt/PServer or the in the registry under Windows). If this is set, the server always runs as the specified user, who should be a nonprivileged user who has read/write access only to the repository files. See also the section called “Running within a chroot jail”.