Subject: | |
From: | |
Reply To: | |
Date: | Thu, 5 Jun 1997 08:59:59 CST |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Greg wrote...
Hi all.
I've been racking my brains trying to figure out a way of putting
certain groups in our development account off-limits. I'm trying to
set up source control procedures, such that the original files are
kept in the "secure" groups. Scripts will be used to control taking
files out of the groups to edit & saving changed or new files into the
groups. I would like to be able to prevent any programmer from easily
bypassing the system (this would be mainly due to laziness or
forgetfulness). Specifically, I would like the "secure" groups to
have read access only, so that searches for strings and similar
operations are possible, and the scripts would be able to then
retrieve from or save to those groups.
All our programmers have AM capability, we have the Vesoft trilogy
(MPEX, Security & Veaudit) and are on MPE/iX 5.5.
Anyone got any hints or ideas? I don't think we need to buy a
full-blown source control package.
***
Since you have MPEX/Security/VEAudit, Consider removing 'AM' caps from
programming staff.. Develop command files that use 'WITHCAPS "AM",..."
for your check-in, check-out and any other functions where 'AM' caps
are required on a limited basis.
I've found that it is much more difficult to control the 'Executable'
side of the equation than the 'Source' side. After all, the whole
idea is to ensure that your production executable programs are derived
from the source code that you're trying to protect. This requires
either some solid procedures and a great deal of discipline or very
limited access to your production environment.
You should also bear in mind that the key element in any version
control process is discipline. Whether you have a full blown state of
the art VCS, a few simple scripts or a manual process, is not relevant
if it is not consistently used by ALL of your programmers.
Just my opinion and it should be yours too. Good Luck..
L. Austin
Admin. Computer Operations
MagneTek, Inc.
|
|
|