[cvsnt] Re: CVSNT + Web Application Implementation
Gerhard Fiedler
lists at connectionbrazil.com
Wed Jan 25 12:03:46 GMT 2006
Glen Starrett wrote:
> Switch to Apache and dump the security nightmarish IIS :b
Hm... besides the fact that IIS works just fine, I fail to see what the
problem is with local web servers on developer machines. Supposedly they
are on systems with local IP addresses of a company LAN, supposedly they
are exposed to the internet only through a company router/gateway, where
supposedly incoming requests on port 80 get routed to the company web
server and not to any developer machine -- so where's the potential
security threat of IIS (or any local web server on developer machines)?
On a typical Windows system, there are more dangerous services alive. When
exposing my system to the internet, IIS is the least of my concerns :)
> OK, in more practical terms, you have options:
>
> 1) Put your sandboxes on the network anyway. [...]
> 2) Commit every minor change and set up a mirror sandbox on the server
> that auto-refreshes on commit. [...]
> 3) Use Terminal Server to run TCVS from a terminal window on the server, [...]
> 4) (seriously) switch web server to something that is allowed by your IT
> department on the local machines AND on the server. [...]
Maybe 5) Use a directory sync tool to sync your (local) sandbox with the
share on the server where your test web site code resides. If you bind a
sync command to a keystroke, that's usually pretty quick.
Gerhard
More information about the cvsnt
mailing list