[p4] Looking for a security suggestion
Jeff A. Bowles
jab at pobox.com
Sun Oct 21 13:17:09 PDT 2007
Ultimately, I think that Chuck Karish put it very well in an earlier
email: you trust people to read the files, or you do not trust them.
If the content of the files is available and human-readable in any
way, then it is electronically reproducible. There might be a
time-lag to retype it and to toss away typos, but it's available.
The elaborate sorta-solutions I see later in this thread look like
solutions that are looking for problems to solve, not real solutions.
What was the original, high-level need that all this is supposedly addressing?
I think that it was "I want support-folk to be able to see the source
to be able to support the product and answer questions that might not
be addressed in the documentation." That's a very reasonable business
need, but perhaps the answer revolves around corporate culture ("you
must never send out non-official packages or binaries, and if you do
you will be transferred to a position that will not have that ability
and might find yourself in a compromised position, career-wise") and
build-system mechanisms that make it easy to tell an official-build
from a one-off thing that was sent out by a rogue developer or
support-folk.
Aside: sometimes a good developer will include debugging code
SPECIFICALLY for support-folk to triage problems before filing bug
reports. Would you want to deny a developer from making such code
available to the technical folks in support who would use it to help
out the development process and save development time?
-Jeff Bowles
ps. I specifically am thinking of "support-folk" as "technical people
providing technical support" and not "helpdesk clerical staff".
Different companies staff those positions in different ways.
On 10/17/07, Ivey, William <william_ivey at bmc.com> wrote:
> Hmm, I think I'll let them do that if they want...
>
> I'll also let them find the bandwith for 60 megapixel
> images :-)
>
> -Wm
>
>
> -----Original Message-----
> From: alex.pavloff at l-3com.com [mailto:alex.pavloff at l-3com.com]
> Sent: Wednesday, October 17, 2007 1:42 PM
>
> Write a web application that reads a subset of the depot, converts the
> text to a graphics file, adds random speckles and noise to the image to
> prevent OCRing, and put that on the screen.
>
> -Alex
>
> _______________________________________________
> perforce-user mailing list - perforce-user at perforce.com
> http://maillist.perforce.com/mailman/listinfo/perforce-user
>
--
---
Jeff Bowles - jeff.a.bowles at gmail.com
More information about the perforce-user
mailing list