[p4] Looking for a security suggestion
Chuck Karish
chuck.karish at gmail.com
Sun Oct 14 08:00:22 PDT 2007
On 10/13/07, Ivey, William <william_ivey at bmc.com> wrote:
> The question I was just asked was "Can we give support people access
> to the repository and still keep it secure?"
This one's easy: No. Either you trust them or you don't.
> Other details I've been able to glean:
> Access might be from outside the firewall
> Maybe via https
>
> And I was asked if they can view the source code would they also be
> able to copy it (in other words, can we limit them to viewing only).
If they can read the code, how will you stop them from writing
it on a piece of paper?
> My reaction to that last is that if they can view it in any way, they
> can potentially copy it it. We could, at best, make it inconvenient.
And at the same time make it inconvenient for them to do theit
jobs.
> I said I would ask here if anyone had a good security model for such
> a situation. Anyone have any? Thanks.
>
> My own notion is they would be better off with an auto-synced
> directory on a unix machine. We can control logins, audit it, and
> shut it down immediately, if we have to, without affecting Perforce.
And deliver the content using a Web server? That would be good
for usability and for access control. It would do little to prevent
copying.
Chuck
--
Chuck Karish karish at well.com (415) 317-0182
More information about the perforce-user
mailing list