如何保护我的代码
I had posted my question in the below link on how to protect my code using Hg
How do you protect code from leaking outside?
The question is:
In a DVCS scenario how can we restrict the code leakages? Is there any way technically to restrict this like when I move our of my work automatically history of codes should not be viewed?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
需要编写代码的程序员越多,他们对协作和网络访问的需求就越大 到代码中。您必须定义威胁模型是什么:您想要防范什么,并以定义合法访问和非法访问的方式。
The more programmers need to work on the code, the greater their need for collaborating and having networked access to the code. You'll have to define what the threat model is: what are you trying to protect against, in such a way that you define legitimate and illegitimate access.
一般来说,源代码只是一堆文本文件。无论谁有权访问它们,都可以“窃取”或“盗用”它们,无论它们是否存储在 CVS、git、Subversion、Mercurial、Windows 共享文件夹等中。
分布式版本控制系统可以轻松获取所有历史记录的副本,但假设心怀不满的员工也可以从 CVS 服务器获取完整历史记录。或者从备份磁带中,或者通过手动复制多年来的文件。
您唯一能做的就是限制复制组织中的所有数据。
我不会太担心,除非您的工作确实需要超级保密(想想军事等)。如果你正确对待你的员工,他们就没有理由伤害你的组织。
In general the source code is just a bunch of text files. Whoever has access to them, can ,,steal'' or ,,pirate'' them, regardless of whether they are stored in CVS, git, Subversion, Mercurial, Windows shared folder, etc.
Distributed version control systems make it easy to grab a copy of all the history, but a hypothetical disgruntled employee can grab complete history from CVS server too. Or from backup tapes, or by manually copying the files over the years.
The only thing you can do is to limit copying all the data in your organization.
I wouldn't worry all that much, unless your work really needs to be super-secret (think military and such). If you treat your employees right, they will have no reason to hurt your organization.