Need a new level of security.

Evaluator · Post by **Evaluator** » Tue Mar 16, 2004 11:51 pm

Hi Sourcegear Team,

I have look into a few vendors making sourcecontrol applications and found SourceGear.

I have learn the features of all 3 products of your sourcecontrol apps, however none of them seems like to offer the functionality that we need. Our requirements are below, and please let me know if it is possible:

1. Source files in a project must be user-level security.
Example: 1 project contains 10 files, and the project is accessible by 3 developers. However, developer A can access all files, developer B can "only" access 4 files, developer C can "only" access the other 2 files. Both B and C "CAN'T" access the other files because it is high severity codes and can only be accessed by developer A.

2. In conjunction with user-based security access to source files, developers still should be able to compile the result, so they can see the output. Debugging is not necessary and we don't think it is possible, because not all files can be accessed by the developer. Local compilation is also not possible logically, but it is possible technically -- that is by transparantly compiling the files + changes from developer in source server -- and get the result back to the developer.

We really need this level of functionality. If it isn't in your feature, is it possible that you can create such functionality in next version?

It is kind of weird, why this functionality never exists yet in any of sourcecontrol application? We believe this is very very important feature that must exist in a sourcecontrol app, to keep company's intellectual property as safe as possible.

Thanks and I'm waiting for earliest reply.

Regards,
James.
Intersoft Solutions Corporation.

dan · Post by **dan** » Wed Mar 17, 2004 8:57 am

For #1, Vault has folder level security, but does not yet have file level security. Organizing files into folders with the same security seems to work for most users, although we do want to eventually add the file level security as well. But, it probably won't make the next release.

For #2, I think the only way to do this would be to checkin the compiled output of the source files. If Vault brought the files over silently, users would still be able to find them on their local system if they knew they were there. Also, secretly compiling the files would require a far greater interaction with the IDE than the IDE currently allows, and wouldn't technically be part of the SCC system, but part of the IDE.

Hope this helps. Let me know if you have any other questions.

Evaluator · Post by **Evaluator** » Wed Mar 17, 2004 12:09 pm

THanks for the reply.

Ok, for #1, if you have folder level security, does that mean developer A can access that folder, and can't access other folders?

If yes, can the developer compile locally and see the output, while leaving all other folders untouched?

For hints on #2, you can easily encrypt the files with strong encryption that the developer doesn't have access.

dan · Post by **dan** » Wed Mar 17, 2004 1:20 pm

Evaluator wrote: Ok, for #1, if you have folder level security, does that mean developer A can access that folder, and can't access other folders?

If yes, can the developer compile locally and see the output, while leaving all other folders untouched?

Yes, you can set it up so that one developer (or a group of developers) don't have access to a set of folders that other developers do have access to, and vice versa. If a developer has access to a folder, they can get the files and compile them locally on their machine, and those without access cannot.