Method 2 below is correct.
You might need to add the new group to the other vobs, so that the special
developers can read those too.
Also, if you don't already have a "protect" trigger, create one and
enforce proper ownership on mkelem - just in case people forget to
"newgrp" properly.
Don't expect bullet-proof security. There are published root exploits for
any machine that has clearcase installed. In general, "need to know"
policies are bad for your health.
-- cgOn Thu, 3 Feb 2000, Prasad Herur wrote:
> Hi, > > I have the task of maintaining some confidential code. > Only 5 engineers need to have read access to this VOB. > > All the machines are solaris boxes. > > 1> Is there a way of achieving this when these 5 engineers belong to > the same group as other engineers, like firing a trigger which checks > the user name whenever some one gets into this vob. > > 2> Can I ask my sys admin to create another user group, > and use protectvob to add the new group and delete the > general users group for this vob. > > 3> Is there some other way of restricting read access to a vob. > > Any and all comments are welcome. > > Prasad >
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
This archive was generated by hypermail 2b29 : Sun May 06 2001 - 00:23:00 EDT