SQL Clone
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

The Secret Password

By Steve Jones,

As I work with more server systems that help developers run Continuous Integration and automated releases, one of the things I see used often are variables. These are values you can set for a particular process and reference inside of that process. Great for setting server names, paths, etc. In releases, these are great for specifying specific values that change for each environment, such as the instance name or IP address.

As with many developer based systems, security is not always set tightly on these systems and any developer can access the build server to kick off builds, reconfigure a process, etc. That makes sense in a CI process, but not so much in a release system. This is one reason I do recommend a separate release server from the CI server. You can use Jenkins or TeamCity to perform releases, but is it a good idea? Have you thought through the security?

In the release servers, one thing that most systems allow the admin to do is use a variable for a password and mark it secret, so the value cannot be recovered. In this way, if some developer is working on the release process, they can't get the password to the production server. They can only click the buttons that deploy to that server.

However.

They can deploy to that server, and they don't need the password. If I were to execute a script in the release system that executes the "CREATE USER" and a "ALTER ROLE " commands to give me access to data, does it matter if I know the deployment password is "G4da%$2h#5f" or $(ProdPwd)? It doesn't. The actual value isn't relevant; I just need to be able to use it.

I think release systems are great pieces of software for reducing the risk of your deployments, but I do think the security models need to be carefully designed and easy to configure, especially when it comes to allowing arbitrary code to be submitted and executed by one person. Be sure that developers can't necessarily deploy code directly to production servers, whether the password is hidden or not. If there is a way to use the value, someone will find it.

 
Total article views: 72 | Views in the last 30 days: 1
 
Related Articles
BLOG

Microsoft SQL Server RELEASES

Microsoft SQL Server is a relational database management system developed by Microsoft. As a databas...

BLOG

SQL Server 2012 Developers Training Kit

Microsoft has recently released the SQL Server Developer Training kit for SQL Server 2012. The devel...

BLOG

Analytics Platform System (APS) AU7 released

The Analytics Platform System (APS), which is a renaming of the Parallel Data Warehouse (PDW), has j...

BLOG

Analytics Platform System (APS) AU7 released

The Analytics Platform System (APS), which is a renaming of the Parallel Data Warehouse (PDW), has j...

BLOG

Analytics Platform System (APS) AU5 released

The Analytics Platform System (APS), which is a renaming of the Parallel Data Warehouse (PDW), has j...

Tags
devops    
editorial    
security    
 
Contribute