Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
On Sun, 08 Aug 2004 12:28:27 -0700, Jon McLin <jmclin at andigilog.com> wrote: >Here's the issue: >On a QA machine, configured as a production machine, a developer logged >in as a non-privileged user and checked out and checked in some files >(as part of our qualification plan). He used his login name in CVSROOT, >since the user logged into the PC did not have CVS privileges. The >first time he connected, a password dialog appeared. Subsequent >invocations do not result in a password dialog. This behavior persists >even though the non-privileged user has logged off of the machine, and >back on. > >The consequence of this is that the non-privileged user now effectively >has full privileges on CVS. This is a bad thing. > >Why does this occur? What is the lifetime and scope of an >authentication in CVSNT? Is there a way for forcibly terminate these >privileges? What happens is that you are using a connection string like this: :sspi:user at cvsserver:/repo Then when you connect you have to use the cvs login command, but I suspect that the Tortoise application handles this for you. In any case the net result is that you supply the password for the specified user to CVS and it is used to validate the user. Next CVS also stores the password in the registry for the currently logged on user such that it can be used later when another connection is done to the same server and repository. If you want this to stop happening you must explicitly use the cvs logout (or possibly cvs logoff, I can't remember the exact name now) because that will erase the password stored in the Registry. Now the next time the server is accessed by the user a login dialogue will appear. Note that the password is encrypted and stored in the user part of teh registry and so it is only valid for the user that is currently logged in. /Bo (Bo Berglund, developer in Sweden)