Return-Path: Delivered-To: apmail-ant-ivy-user-archive@www.apache.org Received: (qmail 43795 invoked from network); 24 Apr 2008 21:23:45 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 24 Apr 2008 21:23:45 -0000 Received: (qmail 21974 invoked by uid 500); 24 Apr 2008 21:23:46 -0000 Delivered-To: apmail-ant-ivy-user-archive@ant.apache.org Received: (qmail 21953 invoked by uid 500); 24 Apr 2008 21:23:46 -0000 Mailing-List: contact ivy-user-help@ant.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: ivy-user@ant.apache.org Delivered-To: mailing list ivy-user@ant.apache.org Received: (qmail 21942 invoked by uid 99); 24 Apr 2008 21:23:46 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 14:23:46 -0700 X-ASF-Spam-Status: No, hits=-4.0 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of Shawn.Castrianni@halliburton.com designates 34.254.16.16 as permitted sender) Received: from [34.254.16.16] (HELO HOUMAIL004.halliburton.com) (34.254.16.16) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 24 Apr 2008 21:22:52 +0000 Received: from HOUEXHU010.corp.halliburton.com (houexhu010.corp.halliburton.com [34.224.232.94]) by HOUMAIL004.halliburton.com (8.13.8/8.13.8) with ESMTP id m3OLKdxM027448 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for ; Thu, 24 Apr 2008 16:22:55 -0500 Received: from HOUEXCH012.corp.halliburton.com ([34.224.232.93]) by HOUEXHU010.corp.halliburton.com ([34.224.232.94]) with mapi; Thu, 24 Apr 2008 16:21:06 -0500 From: Shawn Castrianni To: "'ivy-user@ant.apache.org'" Date: Thu, 24 Apr 2008 16:21:04 -0500 Subject: RE: secure dependency artifacts Thread-Topic: secure dependency artifacts Thread-Index: AcimSu/82kzO++QDTmeRIrcjEhWqIAABdChA Message-ID: <745B9EDF57802349B13F90E4E0B4B86C3BA402BB49@HOUEXCH012.corp.halliburton.com> References: <745B9EDF57802349B13F90E4E0B4B86C3BA402BB48@HOUEXCH012.corp.halliburton.com> <20080424203556.GA89242@nmhq.net> In-Reply-To: <20080424203556.GA89242@nmhq.net> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-HALSTAMP: TRUE X-Proofpoint-Virus-Version: vendor=fsecure engine=4.65.7111:2.4.4,1.2.40,4.0.164 definitions=2008-04-24_07:2008-04-24,2008-04-24,2008-04-24 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=3.1.0-0804140000 definitions=main-0804240168 X-Virus-Checked: Checked by ClamAV on apache.org How would all the developers unencrypt it? They each have their own creden= tials with their own passwords. What I am trying to achieve is for only th= e developers that have access to the source code in the Subversion reposito= ry to be able to see the src.zip when they do a resolve/retrieve. That way= nobody is getting access to source code that they don't already have with = Subversion. --- Shawn Castrianni -----Original Message----- From: Niklas Matthies [mailto:ml_ivy-user@nmhq.net] Sent: Thursday, April 24, 2008 3:36 PM To: ivy-user@ant.apache.org Subject: Re: secure dependency artifacts On Thu 2008-04-24 at 15:05h, Shawn Castrianni wrote on ivy-user: : > This is working great, but here comes a new corporate policy. > We have to increase the security of our source code and closely > monitor who has access to what. We do this with our SVN server, but > by publishing the source.zip on a shared netapp storage device, > anybody can go to the network share and browse into these source zip > files. This essentially gives everybody access to all source code. Why not just encrypt the source zip using something like PGP? That would be both simplest and safest. -- Niklas Matthies ---------------------------------------------------------------------- This e-mail, including any attached files, may contain confidential and pri= vileged information for the sole use of the intended recipient. Any review= , use, distribution, or disclosure by others is strictly prohibited. If yo= u are not the intended recipient (or authorized to receive information for = the intended recipient), please contact the sender by reply e-mail and dele= te all copies of this message.