This documentation is archived and is not being maintained.


Visual Studio 2005

Visual SourceSafe ensures database security by using standard Windows integrated security mechanisms to control access to shared resources. Only authorized Windows users can access a Visual SourceSafe database. The user designated as the database administrator for a team is responsible for controlling access to database projects. Access is based on sharing permissions and project rights granted by the database administrator. As the database administrator, you will use the Visual SourceSafe Administrator program to set up teams, control database access, and maintain the databases for your group.

Database Sharing

A shared Visual SourceSafe database is only as secure as the shared network folder in which it is located. Security is strengthened by setting sharing permissions for the database folder when you create a database or add or delete database users. If this is not done, a malicious user on the network can easily circumvent the standard Visual SourceSafe sharing permissions and project rights. For more information about setting up secure database sharing, see Securing a Database.

Database User Management

Visual SourceSafe manages users by using standard user name and password specifications. The user name and password identify a user at logon, in history information, and in file reports. Visual SourceSafe creates and keeps track of a user's information and environment in the Ss.ini file for that user.

The database administrator is responsible for setting user names and passwords. For more information about user management, see Securing a Database.

Audits of User Activity

In support of database security, Visual SourceSafe allows the creation of journal files to help prevent users from compromising data integrity. A journal file records database events for a particular user, for example, access to files and projects. For more information, see How to: Set Up a Journal File to Audit User Activity.

See Also