[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Windows 7 / Windows 2008, UAC, IIS8

From: Ross J Presser <rpresser_at_gmail.com>
Date: Tue, 28 Dec 2010 20:26:55 -0800 (PST)

I have read the previous discussions arguing that running TortoiseProc with elevated privileges is unnecessary, and advising that in extreme cases one should just turn off UAC. I am here to argue that it IS necessary and turning off UAC is wrong.

UAC is an important part of real server security. SVN is regularly used, at least by us, to update development websites with new versions of websites. Under IIS8, websites run in a security context that is not any user; hence when a normal user wants to update a website, he will get access denied errors EVERYWHERE unless elevated privileges are used.

Even on my development machine. I run VS.NET with elevated privileges; thus, tortoiseSVN from Windows Explorer becomes useless. I'm lucky here, though; I have a VS.NET plugin that embeds an explorer window, which runs with the current security context; so tortoise commands from here run perfectly.

I have been making do for several months with some batch files that run "Tortoiseproc.exe /command:update" in an elevated context. It's getting old. I have to write a new one for every website; if I need to load an old version, or commit, or do anything else, I have to construct a new command, painfully. What would be so horrible about properly supporting UAC?

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2694444

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-12-29 07:46:25 CET

This is an archived mail posted to the TortoiseSVN Users mailing list.