Using Visual SourceSafe - How to Manage Security
This article is a part of SourceSafe / VSS Tutorial
SourceSafe provides a tool, Visual SourceSafe Administrator, to manage the permissions of VSS users.
However, because it was designed for trusted environments, SourceSafe offers very little security. Regardless of the VSS project-level permissions, all VSS users must have read and write permission on the whole VSS folder at the file-system level. This means that even a VSS user who has only read permission on a single file in the VSS database can copy or even delete the whole VSS database from the file system.
Furthermore, if we have remote SourceSafe users, we need to expose our whole VSS database folder from the file system level, which makes our source code vulnerable to outside hackers.
There is no easy way to solve this security vulnerability since VSS is designed that way. One possible option is to use an add-on tool to convert VSS from a file based system to a client/server architecture based system. A tool I developed, called SourceAnywhere for VSS, can do this job. The link for SourceAnywhere for VSS is: https://www.dynamsoft.com/sourceanywhere/overview/
The project-level security mechanism in VSS can only prevent unintended changes. If you are still interested in learning more about how to set project-level security in VSS, you can read more about it below. :)
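To check the file-system exposure described above on your own server, the following added example (not part of the original article or of any VSS tooling) lists the NTFS ACL entries that allow changing or deleting files in the database folder. The path `D:\VSS`, the function name `Get-VssFolderExposure` and the list of broad groups are assumptions made for illustration.

```powershell
# Added example: list who can change or delete the VSS database folder on disk.
# $VssPath is a placeholder; set it to the folder that holds srcsafe.ini.
$VssPath = 'D:\VSS'

# NTFS rights that allow altering, deleting or re-permissioning database files.
$specific = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Get-Acl can also return raw generic rights (GENERIC_WRITE 0x40000000, GENERIC_ALL 0x10000000).
$mask = [int]$specific -bor 0x50000000

# Groups broad enough that nearly any account is a member (names chosen for illustration,
# English-language Windows assumed).
$broadGroups = 'Everyone', 'NT AUTHORITY\Authenticated Users', 'BUILTIN\Users'

function Get-VssFolderExposure {
    param([Parameter(Mandatory = $true)][string]$Path)

    # Keep only Allow entries that carry at least one of the rights in $mask.
    (Get-Acl -LiteralPath $Path).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and (([int]$_.FileSystemRights) -band $mask)
        } |
        ForEach-Object {
            [pscustomobject]@{
                Identity   = $_.IdentityReference.Value
                Rights     = $_.FileSystemRights
                Inherited  = $_.IsInherited
                BroadGroup = $broadGroups -contains $_.IdentityReference.Value
            }
        }
}

if (Test-Path -LiteralPath $VssPath -PathType Container) {
    $exposure = @(Get-VssFolderExposure -Path $VssPath)
    $exposure | Sort-Object BroadGroup -Descending | Format-Table -AutoSize
    "{0} ACL entries allow modifying or deleting files under {1}" -f $exposure.Count, $VssPath
} else {
    Write-Warning "Folder not found: $VssPath (edit the placeholder path first)"
}
```

An entry for a group covers every member of that group, so every VSS user appears here through some entry no matter which project rights are set in Visual SourceSafe Administrator. For a database reached over a network share, the share permissions are a second layer that this NTFS check does not read.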
Managing project level security
To manage the project rights for an individual command for each user, we can follow the steps below:
- Open the Visual SourceSafe Administrator program.
- Check the Enable Rights and Assignments commands box in the Visual SourceSafe Administrator menu Tools -> Options -> Project Rights tab. In the New User Rights area of the Project Rights tab, we can deselect the project rights that do not apply to any database users.
- Now there are 3 rights commands available on the Tools menu: Rights by Project, Rights Assignments for User and Copy User Rights.
To assign project rights from the project list:
- In Visual SourceSafe Administrator, click Tools -> Rights by Project.
- In the Project Rights dialog box, select a project and click Add User to attach the user for whom to assign project rights.
- Select a user in the user list. Under User rights, specify the permissions.
To assign project rights from the user list:
- In Visual SourceSafe Administrator, select a user in the users list, and click Tools -> Rights Assignments for User.
- In the Assignments for dialog box, click Add Assignment.
- Select a Visual SourceSafe project and then specify permissions for the user on the selected project. Please be advised that a user must have the Destroy project right to deploy a Web site.
To copy one user's rights to another user:
- In Visual SourceSafe Administrator, click the user whose project rights you want to modify in the users list.
- Click menu Tools -> Copy User Rights. The Copy Rights Assignments to dialog box appears.
- Select a user from whom to copy rights, and then click Copy.