> I have read the previous discussions arguing that running
> TortoiseProc with elevated privileges is unnecessary, and advising
> that in extreme cases one should just turn off UAC. I am here to
> argue that it IS necessary and turning off UAC is wrong.
> UAC is an important part of real server security. SVN is regularly
> used, at least by us, to update development websites with new
> versions of websites. Under IIS8, websites run in a security
> context that is not any user; hence when a normal user wants to
> update a website, he will get access denied errors EVERYWHERE
> unless elevated privileges are used.
> Even on my development machine. I run VS.NET with elevated
> privileges; thus, tortoiseSVN from Windows Explorer becomes
You'll have to explain that one. I run Visual Studio elevated also, so I can run/dev Asp.Net apps with IIS. However, TortoiseSVN still works perfectly fine for me. I don't see how you run VS having anything to do with Tortoise?
>I'm lucky here, though; I have a VS.NET plugin that embeds
> an explorer window, which runs with the current security context;
> so tortoise commands from here run perfectly.
Right, no one said you "couldn't run" tortoise elevated. It was just said to be unnecessary.
> I have been making do for several months with some batch files that
> run "Tortoiseproc.exe /command:update" in an elevated context. It's
> getting old. I have to write a new one for every website; if I need
> to load an old version, or commit, or do anything else, I have to
> construct a new command, painfully. What would be so horrible
> about properly supporting UAC?
Of course, if you are putting your files into a place that you don't have permissions to then elevation is going to be required. That said, you should probably use svn.exe in your batch files. Although, even svn.exe will need the correct permissions if you have your WC in a system protected area.
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2010-12-29 16:38:58 CET