Question

I have a single Sonar instance analyzing codebases of different projects owned by different customers. I need to ensure none of the project teams can manipulate the sonar/machine security to access codebases of other projects (for example through a malicious unit test, or through a script to create a backdoor).

I can use Windows security to create restricted user accounts that just have access to project-specific folders. Then I can use that Windows account to schedule a task to perform the code download from SCM and trigger Sonar Runner to run the analysis.

Now my question is this. When I run Sonar Runner under a particular Windows user account, will the real sonar analysis/unit test execution run within a sandbox of that particular user account?

If not, is there a means of sandboxing different projects to achieve my goal?

Solution

I don't know how Windows security works, but generally speaking, creating a user (or several users if you want to) with restricted permissions should indeed protect your Sonar server from most issues.
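One way to build the per-project setup the question describes, as an added PowerShell example (not from the question, the answer or the SonarQube project); the account and folder names, the SCM URL and the schedule are placeholders. The relevant point for the asker's concern is that a task registered this way runs with the restricted account's token and no elevation, so the checkout, the analysis and any unit tests it executes inherit that token and can only reach what the folder ACL grants it; the last step checks that boundary.

```powershell
# Added example (not from the question or answer). Creates one low-privilege local
# account per project, a work tree only that account and Administrators can reach,
# and a scheduled task that runs checkout + analysis as that account.
# All names, paths, the SCM URL and the schedule are placeholders.
# Run from an elevated PowerShell session on the analysis host.

$Project  = 'ProjectA'                          # placeholder project name
$User     = "svc_sonar_$Project"                # one service account per project
$Root     = "C:\SonarWork\$Project"             # the only tree this account may write to
$Password = Read-Host -AsSecureString "Password for $User"

# 1. Plain local user: member of Users only, never of Administrators.
New-LocalUser -Name $User -Password $Password -PasswordNeverExpires `
    -UserMayNotChangePassword -Description "Sonar analysis account for $Project"
Add-LocalGroupMember -Group 'Users' -Member $User

# 2. Work tree with a closed ACL: inheritance removed, explicit grants replaced,
#    so only the service account (Modify) and Administrators (FullControl) remain.
New-Item -ItemType Directory -Path $Root -Force | Out-Null
icacls $Root /inheritance:r /grant:r "${User}:(OI)(CI)M" "BUILTIN\Administrators:(OI)(CI)F"

# 3. The job itself: fresh checkout, then Sonar Runner, all inside $Root.
$Runner = Join-Path $Root 'run-analysis.ps1'
@"
Remove-Item -Recurse -Force "$Root\src" -ErrorAction SilentlyContinue
git clone https://scm.example.invalid/$Project.git "$Root\src"
Set-Location "$Root\src"
sonar-runner
"@ | Set-Content -Path $Runner

# 4. Register it to run as the restricted account with RunLevel Limited (no elevation):
#    every process the build starts, unit tests included, inherits that account's token.
$Action   = New-ScheduledTaskAction -Execute 'powershell.exe' `
                -Argument "-NoProfile -ExecutionPolicy Bypass -File `"$Runner`""
$Trigger  = New-ScheduledTaskTrigger -Daily -At '02:00'
$Settings = New-ScheduledTaskSettingsSet -ExecutionTimeLimit (New-TimeSpan -Hours 2)
Register-ScheduledTask -TaskName "Sonar-$Project" -Action $Action -Trigger $Trigger `
    -Settings $Settings -RunLevel Limited -User $User `
    -Password ([System.Net.NetworkCredential]::new('', $Password).Password)

# 5. Check the boundary from that account: listing another project's tree must fail
#    with "Access is denied". (Interactive check; prompts for the account's password.)
# runas /user:$User "powershell -NoProfile -Command Get-ChildItem C:\SonarWork\ProjectB"
```

Repeat the script once per project with a different `$Project`, so each customer's checkout runs under its own account and ACL rather than a shared build identity.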

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow