Robb Hill
asked on
Visual Studio 2008 and 2010 Security Issue
Currently working in an Organization that has removed Adminstrator rights to Visual Studio Developers. Most of the current OS on the developer machines are XP at this time.
Without going into details I am looking for two answers from this question regardless of best practices.
1) What is the best practice with justfication for providing a Visual Studio developer the local admin and administrator rights to the local pc.
2) Is there a workaround that works ensuring security is tight but no functionality to the developer is lost. If any development functionaility is lost. What is lost?
Thanks!!!
Without going into details I am looking for two answers from this question regardless of best practices.
1) What is the best practice with justfication for providing a Visual Studio developer the local admin and administrator rights to the local pc.
2) Is there a workaround that works ensuring security is tight but no functionality to the developer is lost. If any development functionaility is lost. What is lost?
Thanks!!!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.foundstone.com/us/resources/whitepapers/aspnetformsauthentication.pdf
ASKER
rkworlds - I am not sure how your article is relevent to the question?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Are there work arounds when in an XP environment with VS 2008 or 2010 to get around registering COM, Attaching Processes, or Debugging. Debugging being the most important to me.
Can you think of anything else that gets hosed?
Can you think of anything else that gets hosed?
I really don't know how you would do this exactly. The only thing I can think of is making one developer you trust have permissions and allowing the code to run under his supervision OR giving him access to a computer that can be used for debugging.
ASKER
I was reading an article and am not sure without testing.
If a web project was created in the www root directory....and that directory had the necessary permissions could debugging mode work?
If a web project was created in the www root directory....and that directory had the necessary permissions could debugging mode work?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This sounds like the developers aren't trusted to be able to use a PC sensibly in your organisation. Surreal !
ASKER
lol...its a government thing
ASKER
I had already found the msn article above...that is specific to 2003 it looks and we are on Xp machines running 2008 and 2010.
The article is still valid even for the recent versions including 2008 or 2010. It's talking about permissions issues and not specific features related to the IDE or framework used.
If you don't have permissions to do something that requires administrative privileges it doesn't really make a difference. :(
If you don't have permissions to do something that requires administrative privileges it doesn't really make a difference. :(
ASKER
Thanks this gave me the reasoning to get the developers the admin access they needed rather the workaround hack..thanks to all