Chinese
Position:home>Safety sense>
Brief introduction of security of Visual SourceSafe database
From;    Author:Stand originally

Brief introduction
The article applies to need to have the user of Visual SourceSafe (VSS) of the following operation: Establish the VSS database, limits of authority that grants other user to visit the file that includes a database to share, perhaps mix in attributive of user of the management in VSS Administrator program undertake task allocation.
  
Term

"Safe " it is to be based on Windows user credential and attributive to have pilot process to the visit of resource.
  
"Attributive " be go up with this locality resource or network share resource (for example file, catalog or printer) associated a few regulation, can grant group and global group, can award individual Windows the user even. When granting Windows limits of authority, assigned the visit rank of group or user namely.
  
"Operating system or file system security " in every time Windows user and share jurisdiction of the examination when resource is alternant, in order to affirm this user has a needed limits of authority. For example, if the user tries to save a file in a certain folder, must have this folder write attributive.
  
"Share " make other user can visit Windows resource (for example folder and printer) . Share resource attributive to make certain Windows user only OK through the network the visit shares resource. The administrator that shares folder grants Windows user corresponding limits of authority, make its have pair of folder to reach its child the long-range visit attributive of folder. Share Windows resource and the file in sharing VSS and project to differ.
  
In VSS " attributive " appoint what VSS user to have the limits of authority that visits specific VSS project. The user that 4 kinds of level include in VSS visits attributive: Read take, the lot goes / the autograph is entered, add / name again / delete and destroy. The new user that can be a database assigns acquiescent rank.
  
In VSS " task allocation " the VSS user visit that can be appointed what VSS project.
  
"VSS database folder " it is Windows folder, the Srcsafe.ini file that it includes a database and other VSS folder (for example Data and Users) .
  
Protect database and administrative user
Through appointing each users in VSS database or the visit attributive of each projects, VSS Administrator program provided the tool that runs VSS user. But, want to protect a database truly, must use the security with compositive Windows to limit the visit of pair of VSS folder, the method is setting folder share and install complete limits of authority. Following plan institute are shown, the security of the VSS database that share shares network folder with its place only identical. Found a database or add / when deleting VSS user, can be installed or change database folder share jurisdiction, decide measure to enhance Windows security according to database lock thereby. Otherwise, the cankered user on the network can bypass easily VSS user attributive and task allocation are transparent wall. Do not rely on VSS to protect data please: Even if read-only VSS user is OK also can visit from them VSS database is deleted in sharing network folder.
Previous12 Next