» 2008 » December

Archive for December, 2008

Dec 22 2008

How to Manage Security in SourceSafe / VSS

This article is a part of SourceSafe / VSS Tutorial

Introduction

SourceSafe provides a tool, Visual SourceSafe Administrator, to manage the permission of the VSS users.

However, designed for trusted environment, SourceSafe offers very low security. Regardless of the VSS project level permission, all VSS users must have read & write permission of the whole VSS folder from the file system. This means even for a VSS user who only has read permission of a single file in VSS database, he/she can copy or even delete the whole VSS database from the file system

Furthermore, if we have remote SourceSafe users, we need to expose our whole VSS database folder from the file system level, which makes our source code vulnerable to outside hackers.

There is no easy way to solve this security vulnerability since VSS is designed that way. One possible option is to use an add-on tool to convert VSS from a file based system to a client/server architecture based system. A tool I developed, called SourceAnywhere for VSS, can do this job. The link for SourceAnywhere for VSS is:
http://www.dynamsoft.com/Products/SAW_Overview.aspx

The project level security mechanism in VSS can only prevent unintended changes. If you are still interested in learning more about how to set the project level securities in VSS, you can read more about it below.

Managing project level security

To manage the project rights for an individual command for each user, we can follow the steps below:

1. Open Visual SourceSafe Administrator program.

2. Check the Enable Rights and Assignments commands box in the Visual SourceSafe Administrator menu Tools -> Options -> Project Rights tab. In the New User Rights area of the Project Rights tab, we can deselect the project rights that do not apply to any database users.

(SourceSafe Options)

3. Now there are 3 rights commands available on the Tools menu: Rights by Project, Rights Assignments for User and Copy User Rights.

To assign project rights from the project list:

1. In Visual SourceSafe Administrator, click Tools -> Rights by Project.

2. In the Project Rights dialog box, select a project and click Add User to attach the user for whom to assign project rights.

(Project Rights)

3. Select a user in the user list. Under User rights, specify the permissions.

To assign project rights from the user list:

1. In Visual SourceSafe Administrator, select a user in the users list, and click Tool -> Rights Assignments for User.

2. In the Assignments for dialog box, click Add Assignment.

Assignments for <user>
(Assignments for )

3. Select a Visual SourceSafe project and then specify permissions for the user on the selected project. Please be advised that a user must have the Destroy project right to deploy a Web site.

Add Assignment for <user>
(Add Assignment for )

To copy one’s user rights to another user:

1. In Visual SourceSafe Administrator, click the user whose project rights you want to modify in the users list.

2. Click menu Tools -> Copy User Rights. The Copy Rights Assignments to dialog box prompts out.

(Copy Rights Assignment to Test)

3. Select a user from whom to copy rights, and then click Copy.

The SQL Server-based Source Control Software Designed to be a SourceSafe Replacement

The Fastest SourceSafe Remote Access Tool Recommeded by Microsoft

Links:
Previous article <<<<: How to manage users in SourceSafe / VSS
Next article >>>>:
SourceSafe How To series home page: VSS / SourceSafe Tutorial

No responses yet

Dec 19 2008

Show History in SourceSafe / VSS

Published by Kevin Gao under SourceSafe

This article is a part of SourceSafe / VSS Tutorial

Show History Basics

Show History is one of the most important features in SourceSafe. My personal feeling is that being able to go back to the pervious versions is the main purpose that software development teams use version control tools. It gives us peace of mind when we implement new features and fix bugs.

The Show History command in SourceSafe allows us to view the history information of a file/project by listing all the versions of an item from the latest version to the creation of the item. In the History Explorer, we can see the version number of the item, the user who performed the action, the date/time of the event and the action. We can also perform operations like Get, View, Pin on a specific version of the item and rollback a file to an old version.

Many developers only use the History Explorer to view a previous version or do diff and may not know many useful features of the History Explorer. I am listing some of the features in the following section and hope you will find it useful.

How to view the history of an item

To view history of a file/project, we can click Show History under the Tools menu or from the right-click menu of the item, set history options in the following dialog box and then the history explorer will appear listing all the historical information of the item.

History Explorer

(File History Explorer)

Get an old version of a file/project

Sometimes we may want to retrieve an old version of a file or project. We can do that through history explorer. Select the version of the file/project we would like to retrieve and click Get.

Get a version of a file/project by label

Label is a good way to manage version release/builds. For more information, see Label. VSS also provides the feature to get an item by label. If we check Include Labels option in the History Options dialog box, we will see all the labels that have been assigned to the item in the Action column of history explorer. Simply selecting the labeled version and clicking Get will get the labeled version to the local drive.

Diff two versions of a file

In history explorer, we can also compare two versions of a file. To do that, we can select two versions of the file and click Diff. For more information, see File Diff.

Pin an old version of a file

If we want our team members to get a specific historical version of a file by default, we can pin the file to that version by selecting the version in the history explorer, and clicking Pin. For more information, see Pin.

Rollback to an old version of a file

We can use the Rollback feature to return a file to an old version and erase all the newer versions . If the file is shared among several projects, Rollback will only affect the current project. It breaks the file in the current project from that in the other projects. To rollback to an old version, we can select the version we want to rollback to and click Rollback in the history explorer.

Change label & comment

We may want to change the label/comment of an item in some situations. We can do it through history explorer too. Select the item version from the history explorer, click the Details button and then we can change label and comment in the History Details dialog box.

(History Details)

History report

We can report the history information of an item to a printer, file or clipboard by clicking Report button in the history explorer. Checking Include details can include more detailed information, like comments in the report. Checking Include differences can include the differences between versions in the report.

(History Report)