Welcome  |  Sign In
Skip Navigation Links
Microsoft Developer Network
Click to Rate and Give Feedback
MSDN
MSDN Library
This page is specific to
Microsoft Visual Studio 2008/.NET Framework 3.5

Other versions are also available for the following:
Visual SourceSafe
Security
[Note: This topic is pre-release documentation and is subject to change in future releases. Blank topics are included as placeholders.]

Visual SourceSafe ensures database security by using standard Windows integrated security mechanisms to control access to shared resources. Only authorized Windows users can access a Visual SourceSafe database. The user designated as the database administrator for a team is responsible for controlling access to database projects. Access is based on sharing permissions and project rights granted by the database administrator. As the database administrator, you will use the Visual SourceSafe Administrator program to set up teams, control database access, and maintain the databases for your group.

A shared Visual SourceSafe database is only as secure as the shared network folder in which it is located. Security is strengthened by setting sharing permissions for the database folder when you create a database or add or delete database users. If this is not done, a malicious user on the network can easily circumvent the standard Visual SourceSafe sharing permissions and project rights. For more information about setting up secure database sharing, see Securing a Database.

Visual SourceSafe manages users by using standard user name and password specifications. The user name and password identify a user at logon, in history information, and in file reports. Visual SourceSafe creates and keeps track of a user's information and environment in the Ss.ini file for that user.

The database administrator is responsible for setting user names and passwords. For more information about user management, see Securing a Database.

In support of database security, Visual SourceSafe allows the creation of journal files to help prevent users from compromising data integrity. A journal file records database events for a particular user, for example, access to files and projects. For more information, see How to: Set Up a Journal File to Audit User Activity.

© 2008 Microsoft Corporation. All rights reserved. Terms of Use  |  Trademarks  |  Privacy Statement
Page view tracker