This post originated from an RSS feed registered with .NET Buzz
by Korby Parnell.
Original Post: VSS Security Tip
Feed Title: Korby Parnell
Feed URL: /msdnerror.htm?aspxerrorpath=/korbyp/Rss.aspx
Feed Description: Copyright 2003 Korby Parnell Fri, 01 Aug 2003 10:03:48 GMT ChrisAn's BlogX korbyp@microsoft.com korbyp@microsoft.com Alex Lowe Joins Microsoft http://blogs.gotdotnet.com/korbyp/permalink.aspx/536bb108-6a66-4dc6-8847-69f4d799bb55 http://blogs.gotdotnet.com/korbyp/permalink.aspx/536bb108-6a66-4dc6-8847-69f4d799bb55 Fri, 01 Aug 2003 10:03:48 GMT From ASP.NET MVP to Microsoft .NET Evangelist. Success is the domain of good guys. Welcome aboard Alex. I look forward to meeting you in person. Thanks to ScottW for posting the big announcement. Este mensaje se proporciona "como está" sin garantías de ninguna clase, y no otorga ningún derecho.
When talking to my feature team, I often refer
to "VSS security"--which basically consists of user rights and permissions--as
the "the façade". Forget
what you know about tiered development and façade
layers for a moment. I use the word façade
quite literally. The security of a
Visual SourceSafe database is only as good as the security of
the physical folder or share in which it resides.
That being said, one of the easiest things you can do to improve the security
of your VSS installation is to hide the network share(s) containing your
database. You can do this by adding the '$' symbol to the end of
the share name. I've never understood why the Windows team hasn't
added an option like, "Hide this Share on the Network". Maybe they have and
I've just missed it... Anyway, to hide a share from remote users in WindowsXP
and Windows .NET Server:
Right-click the database folder, click Properties, and
then select the Sharing tab.
Click Do not share this folder and then click
OK.
Right-click the unshared database folder, click
Properties, and then select the Sharing tab.
Click Share this folder and in the Share
name box, type the name of your share followed by a '$' symbol (e.g.,
VSSLibrary$), and then click OK.
Of course, if you hide your database
shares, your users won't be able to find them on the network.
Thus, when creating a new database or changing the name of an existing
database share, you must tell your VSS users the exact path to the new database
share so that they can add the database (in this case
\\computername\VSSLibrary) to the list of Available
databases in the Open SourceSafe Database
dialog
box.
This posting is
provided "AS IS" with no warranties, and confers no rights. Microsoft kann
für die Richtigkeit und Vollständigkeit der Inhalte in dieser Newsgroup keine
Haftung übernehmen. Este mensaje se proporciona "como está" sin garantías
de ninguna clase, y no otorga ningún derecho.