Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Are SourceSafe password scheme and database rights a joke and Microsoft doesn “get” security?

database joke Microsoft password Rights Scheme security sourcesafe
0
Posted

Are SourceSafe password scheme and database rights a joke and Microsoft doesn “get” security?

0 CommentsAdd a Comment

1 Answer

0

No. Microsoft does not see SourceSafe password scheme and the SourceSafe user rights as security measures. The VSS built-in mechanisms will only prevent for instance a user to delete a file by mistake, or to checkin by mistake newer versions of a file in parts of the tree that were locked down. They will not prevent a determined hacker to view or modify the database files. Microsoft recommends securing the SourceSafe database by using NTFS access lists and file share permissions, and restricting the database access only to those Windows users who really need access (see below). Should I worry that someone could reset the SourceSafe Admin password? No. Someone who wants to read the files stored in a VSS database doesn’t have know, reset or recover a password. If such user has access to the database share, he can simply view the content of all the files in the database by looking in the physical files like WRTBAAA.A and .B from the data subfolder. And he can easily reconstruct the file n

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123