> While agreeing with most of your post, I can testify to previously working for a company with a state-of-the-art ClearCase implementation. Each R&D team has its own branch to work on, and only the integration team merged files from these branches to our /main branch.

Would you say that this prevents a single developer, on a whim, from introducing a backdoor?

> Furthermore, each feature had its own branch, which was merged to relevant team branches once matured and tested. Yes, this definitely isn't ClearCase 101, but I agree with Shachar that the companies (in Israel, anyway) using a good version control system and matching procedures can be counted on one hand of a former army Engineer.

I was also making the point that, even if all procedures were in place, a backdoor can still be introduced. See my next sentence from my original mail.

>> ...In any case, assuming the developer is qualified to write production code, they can write code that gets CPU time on a client's machine. As such, they can backdoor the product.

In short - there is plenty of room for a single developer to backdoor a commercial product. This goes for any commercial environment.

>> As such, it is worth noting that I am yet to see a commercial company where, as a rule, one developer does not have source code access to the entire company's product suite. There are exceptions (a release the company is trying to keep a secret, government contracts, clean room reverse engineering), but they are just that - exceptions.

> Again, here you're wrong. The company I work for currently does not allow engineers access to code they have no business reading in the first place. Of course, a malicious programmer can always social engineer his way into getting access to the code.

Hmm. Doesn't your company fall under the second case in my "exceptions" list?
Shachar
--
Shachar Shemesh
Open Source integration consultant
Home page & resume - http://www.shemesh.biz/