Return-Path: Delivered-To: apmail-ant-ivy-user-archive@www.apache.org Received: (qmail 26671 invoked from network); 24 Apr 2008 20:36:27 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Apr 2008 20:36:27 -0000 Received: (qmail 69109 invoked by uid 500); 24 Apr 2008 20:36:28 -0000 Delivered-To: apmail-ant-ivy-user-archive@ant.apache.org Received: (qmail 69089 invoked by uid 500); 24 Apr 2008 20:36:28 -0000 Mailing-List: contact ivy-user-help@ant.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ivy-user@ant.apache.org Delivered-To: mailing list ivy-user@ant.apache.org Received: (qmail 69078 invoked by uid 99); 24 Apr 2008 20:36:28 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 13:36:28 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [213.73.82.19] (HELO nmhq.net) (213.73.82.19) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 20:35:36 +0000 Received: from matthies by abode.nmhq.net with local (Exim 4.69 (FreeBSD)) (envelope-from ) id 1Jp8Af-000NDg-2U for ivy-user@ant.apache.org; Thu, 24 Apr 2008 22:35:57 +0200 Date: Thu, 24 Apr 2008 22:35:56 +0200 From: Niklas Matthies To: ivy-user@ant.apache.org Subject: Re: secure dependency artifacts Message-ID: <20080424203556.GA89242@nmhq.net> Mail-Followup-To: ivy-user@ant.apache.org References: <745B9EDF57802349B13F90E4E0B4B86C3BA402BB48@HOUEXCH012.corp.halliburton.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <745B9EDF57802349B13F90E4E0B4B86C3BA402BB48@HOUEXCH012.corp.halliburton.com> User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD 4.11-STABLE i386 X-Editor: VIM - Vi IMproved 6.4 X-Virus-Checked: Checked by ClamAV on apache.org On Thu 2008-04-24 at 15:05h, Shawn Castrianni wrote on ivy-user: : > This is working great, but here comes a new corporate policy. > We have to increase the security of our source code and closely > monitor who has access to what. We do this with our SVN server, but > by publishing the source.zip on a shared netapp storage device, > anybody can go to the network share and browse into these source zip > files. This essentially gives everybody access to all source code. Why not just encrypt the source zip using something like PGP? That would be both simplest and safest. -- Niklas Matthies