Software Distributor Administration Guide for HP-UX 11i
SD-UX Security
Security Use Models
Chapter 9 297
user:swadm:rwict
host:systemA.loc.company.com:r
host:systemB.fc.hp.com:r
Security for Software Developers
Software developers iteratively package their products and test them
before distribution. This involves packaging products into depots and
installing them to Roots for testing. Since it may require several
iterations to get all the customization right, it is not helpful to prevent
software developers from having free access to depots and Roots for this
testing.
You should also not have products that are being tested, coming and
going on wide-use depots and roots. They might accidentally be installed
or used before they are ready.
The recommended method of development is to provide one or more
development depots and roots for testing purposes, each with protections
customized to meet the needs of the development group using them. To
this end, the default ACL template mechanism described previously is
handy, since products come and go quickly.
A host administrator (someone with insert permission on the host)
should create the test depot for developers, then assign a depot
administrator and edit the depot ACL to grant that person control (ACL
edit) permission on the depot. The depot’s product ACL template should
then be set up so that users inserting a product may also write (modify
and delete) it, and so that it may be read only by the known test systems.
Similarly, test roots may be created, perhaps on other test hosts, to which
developers may install test products. Access to install to the test root
should be restricted to the development group.
When testing is complete and a product is ready for release, the product
may then be copied to a general distribution depot to make it more
widely readable without exposing all the untested products on the test
depot.
There are many additional ways in which these basic concepts may be
used to implement a desired security policy for product development.