ant-ivy-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn Castrianni <Shawn.Castria...@halliburton.com>
Subject RE: secure dependency artifacts
Date Thu, 24 Apr 2008 21:21:04 GMT
How would all the developers unencrypt it?  They each have their own credentials with their
own passwords.  What I am trying to achieve is for only the developers that have access to
the source code in the Subversion repository to be able to see the src.zip when they do a
resolve/retrieve.  That way nobody is getting access to source code that they don't already
have with Subversion.

---
Shawn Castrianni

-----Original Message-----
From: Niklas Matthies [mailto:ml_ivy-user@nmhq.net]
Sent: Thursday, April 24, 2008 3:36 PM
To: ivy-user@ant.apache.org
Subject: Re: secure dependency artifacts

On Thu 2008-04-24 at 15:05h, Shawn Castrianni wrote on ivy-user:
:
> This is working great, but here comes a new corporate policy.
> We have to increase the security of our source code and closely
> monitor who has access to what.  We do this with our SVN server, but
> by publishing the source.zip on a shared netapp storage device,
> anybody can go to the network share and browse into these source zip
> files. This essentially gives everybody access to all source code.

Why not just encrypt the source zip using something like PGP?
That would be both simplest and safest.

-- Niklas Matthies

----------------------------------------------------------------------
This e-mail, including any attached files, may contain confidential and privileged information
for the sole use of the intended recipient.  Any review, use, distribution, or disclosure
by others is strictly prohibited.  If you are not the intended recipient (or authorized to
receive information for the intended recipient), please contact the sender by reply e-mail
and delete all copies of this message.

Mime
View raw message