本文介绍了在github,bitbucket等存储库网站上托管敏感数据有多安全?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧! 问题描述 限时删除!! 出于好奇,这只是一个问题。我想知道它通常被认为在Github,Bitbucket等存储库网站上托管敏感数据有多安全?是否足够安全地摆脱本地机器上的所有代码并将其全部存储在那里?从保守公司机密的角度看安全性如何?我注意到这些网站吹捧像谷歌和雅虎这样的大公司使用他们的服务,但是这些大公司是否真的将商业秘密和重要的公司代码存储在像这样的网站上? Github有一个页面( http://help.github.com/security ),它有一些有趣的信息,这表明他们正在推销它,就像我所描述的那种傻瓜证明。但是在实践中,像Google这样的大公司是否真的发现他们的专有秘密和大量代码真的可以安全地避免类似这样的网站上的窥探和灾难性事件发生? 解决方案 一如既往,它取决于: - ) 可以有两种不同的安全含义: 我可以相信托管方将我的资料(知识产权,公司机密......)保密吗? 我的代码是否突然停止服务? 对于1.,没有100%保证。 当然,像GitHub和Bitbucket这样的大型托管商不会故意与第三方共享您的代码,但总有一些黑客设法获取您的私有存储库的内容的可能性。 $ b $另外,您必须考虑托管方所在国家/地区的法律。几周前,我在某处读到,如果您的托管方在美国,可能会被法律迫使在某些情况下将数据提供给美国政府,他们甚至不会告诉你有关这件事(我不记得法律的名称,但也许有人知道)。 我想所有这些都会导致大多数大公司 在公共服务上托管他们的代码(我的公司是中等规模,我们也将私有代码托管) 。 顺便说一句,正如你提到的Google: 我相信Google特别是 not 使用Bitbucket或GitHub。他们自己拥有完整的项目托管基础设施,所以我猜他们也在内部使用它。他们为什么要使用外部服务?它在云端,是的......但它是云端。 关于2:GitHub或Bitbucket明天不太可能破产,但你永远不会知道。 IMO是你自己备份你的代码的责任。 DVCS的本质确保你拥有代码的本地副本,但是可能很难搜索大量的开发人员机器以查找所有项目的最新版本。 我通过将所有存储库定期(我写了一个工具,可以为Bitbucket执行此操作,我将其用于私人项目) This is just a question out of curiosity. I am wondering how safe it is generally considered to host sensitive data on repository websites like Github, Bitbucket, etc.? Is it safe enough to get rid of all code on local machines and just store it all on there? How about safety in the sense of keeping company secrets? I notice these sites tout big companies like Google and Yahoo use their services, but do these big companies actually store their trade secrets and important company code on websites like this?Github has a page (http://help.github.com/security), which has some interesting information, that shows they are marketing it as something fool proof like I described. But in practice, do big companies like Google really find that their proprietary secrets and massive amounts of code are really safe from prying eyes and disastrous occurrences on sites like these? 解决方案 As always, it depends :-)There can be two different meanings of "safety":Can I trust the hoster to keep my stuff (intellectual property, company secrets...) private?What happens to my code if the hoster suddenly goes out of service?For 1., there is no 100% guarantee.Of course, the big hosters like GitHub and Bitbucket won't share your code intentionally with third parties, but there is always the possibility that some hacker manages to get the content of your private repositories.(this could happen to you as well if you host your code internally in your company, but this is unlikely, because unless your company is as known as, say, Google, the chance of someone trying to attack your company is much smaller than the chance of someone trying to attack a well-known public hoster).Plus, you have to consider the laws of the country where the hoster resides.A few weeks ago I read somewhere that if your hoster is in the USA, they can be forced by law to give your data to the US government under certain circumstances, and they are not even allowed to tell you about that (I don't remember the name of the law, but maybe someone else knows).I guess that all this causes most "big" companies to not host their code on a public service (my company is mid-sized, and we host our code private as well).By the way, as you mentioned Google:I'm sure that especially Google does not use Bitbucket or GitHub. They have the complete infrastructure for project hosting themselves, so I guess they are using it internally, too. Why should they use an external service? It's in the cloud, yes...but it's their cloud.Concerning 2.: it's unlikely that GitHub or Bitbucket will go bankrupt tomorrow, but you never know.IMO it's your responsibility to take backups of your code yourself.The nature of DVCS makes sure that you have some local copies of your code anyway, but it might be difficult to search lots of developer machines for the newest versions of all of your projects.I do this by pulling all my repositories to my local machine regularly (I wrote a tool that can do this for Bitbucket, which I use for my private projects) 这篇关于在github,bitbucket等存储库网站上托管敏感数据有多安全?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持! 1403页,肝出来的..
09-06 15:56