Time Savings vs. Security

Ken Snyder kendsnyder at gmail.com
Fri Jan 4 09:36:27 MST 2008


I am programming in a somewhat common security setup where the 
development network is not connected to outside networks.  There are 
only two ways to copy deployments to test and production: removable 
media and a copy script using a Linux server that pushes files from dev 
to production or production to dev.

We developers would like to make our weekly deployments by simply having 
the production machines svn checkout and svn update from our svn release 
branch.  However, technically minded upper managers see such a network 
setup as too insecure.  The developers are interested in saving time as 
our weekly deployments span 25 to 50 files per week across several web 
applications.

Is the time savings worth the security risk?


- Ken Snyder





More information about the PLUG mailing list