LISTSERV - HP3000-L Archives

HP3000-L Archives

June 1997, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L June 1997, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: restricting group access
From:	Larry Austin <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Thu, 5 Jun 1997 08:59:59 CST
Content-Type:	text/plain
Parts/Attachments:	text/plain (47 lines)

     Greg wrote...

     Hi all.

     I've been racking my brains trying to figure out a way of putting
     certain groups in our development account off-limits.  I'm trying to
     set up source control procedures, such that the original files are
     kept in the "secure" groups.  Scripts will be used to control taking
     files out of the groups to edit & saving changed or new files into the
     groups.  I would like to be able to prevent any programmer from easily
     bypassing the system (this would be mainly due to laziness or
     forgetfulness).   Specifically, I would like the "secure" groups to
     have read access only, so that searches for strings and similar
     operations are possible, and the scripts would be able to then
     retrieve from or save to those groups.

     All our programmers have AM capability, we have the Vesoft trilogy
     (MPEX, Security & Veaudit) and are on MPE/iX 5.5.

     Anyone got any hints or ideas?  I don't think we need to buy a
     full-blown source control package.

     ***

     Since you have MPEX/Security/VEAudit, Consider removing 'AM' caps from
     programming staff.. Develop command files that use 'WITHCAPS "AM",..."
     for your check-in, check-out and any other functions where 'AM' caps
     are required on a limited basis.

     I've found that it is much more difficult to control the 'Executable'
     side of the equation than the 'Source' side.  After all, the whole
     idea is to ensure that your production executable programs are derived
     from the source code that you're trying to protect.  This requires
     either some solid procedures and a great deal of discipline or very
     limited access to your production environment.

     You should also bear in mind that the key element in any version
     control process is discipline.  Whether you have a full blown state of
     the art VCS, a few simple scripts or a manual process, is not relevant
     if it is not consistently used by ALL of your programmers.

     Just my opinion and it should be yours too.  Good Luck..

     L. Austin
     Admin. Computer Operations
     MagneTek, Inc.

ATOM RSS1 RSS2

RAVEN.UTC.EDU