[p4] Looking for a security suggestion
Ivey, William
william_ivey at bmc.com
Sat Oct 13 21:10:07 PDT 2007
The question I was just asked was "Can we give support people access
to the repository and still keep it secure?"
Other details I've been able to glean:
Access might be from outside the firewall
Maybe via https
And I was asked if they can view the source code would they also be
able to copy it (in other words, can we limit them to viewing only).
My reaction to that last is that if they can view it in any way, they
can potentially copy it it. We could, at best, make it inconvenient.
I said I would ask here if anyone had a good security model for such
a situation. Anyone have any? Thanks.
My own notion is they would be better off with an auto-synced
directory on a unix machine. We can control logins, audit it, and
shut it down immediately, if we have to, without affecting Perforce.
-Wm
More information about the perforce-user
mailing list