And, 2017-08-14 12:42:04
Tags: css

Control and logging of web developer's actions, what to do?

We have an idea for a web project (an internal toolkit accessible from all of our sites; we are builders), and there is even a skeleton left by a previous programmer that more or less works. The previous person bailed on the project without fixing his mistakes and without finishing much, so we are rewriting the contract to protect ourselves from such behaviour and hiring a new one. How do you protect yourself from backdoors, information leaks and other dishonesty from a freelance programmer? Not even protect, but specifically control, because under the contract the programmer will bear full responsibility if such a situation arises.
The idea is this: we set up some version control system that this programmer writes into. From there everything is automatically transferred to the production server, since the programmer is still the only one. In case of conflicts, suspicions, etc., we pull up the logs and diffs and see whether there was malicious intent, and sue him under the contract through the court, or we make sure it was a hack and a leak through other channels.
So, the question is: do I understand correctly how these systems work? Will it be possible to see when the edit that led to the sad consequences was made? Can the programmer somehow influence these entries and delete the log for exactly the disputed entry, i.e. it will be on the production server but not in the version control logs, and he will blame everything on the previous programmer, saying it was there before him? And, since this system will be with us, can you name the pros and cons of one system or another and what exactly suits this task best? I am not an IT person myself; I only figured things out a little, at the level of buying and running a Linux server on CentOS.
The idea is not mine, but management wants to keep the developer firmly in line.
UPD: Yes, we decided it was too much. We made a copy of the files and wrote in the contract that in case of disputes we have the right to refer to these copies for comparison.


10 answer(s)
ReActor Dmitry Vershansky, 2019-04-05
@HunteR-VRX

.block {
  width: 300px;
  height: 300px;
  background: #f00;
  position: absolute;
  top: 0;
  left: -150px;
  transform: rotate(45deg);
  z-index: 999;
}

Alexander, 2017-08-14
@wiggy

Liability for leaking confidential information is standard; as a rule, everyone already has it in the contract.
As for the coder's screw-ups, it is not clear what you want, but it sounds terrible; you won't get far with such a scheme.
To keep the code clean, hire a good programmer, not a freelancer, and pay him well so that he doesn't bail, or outsource the development to a third-party company.

Dmitry, 2017-08-14
@dimasmagadan

You can try something based on gitflow or a similar approach:
1. Give this developer access only to the repository. He does not have access to the server.
2. Set up auto-deploy from the master branch to the live server.
That way all edits are visible: you can see who did what, when and why.
And there is no access to the server. Those are the pluses.
On the minus side, you will need developers who know how to work with git and who know how to set all this up. Usually the more a developer knows, the more expensive he is, so the project will cost more.
At minimum every self-respecting programmer should be able to use a version control system, but in fact a hell of a lot of them don't use one at all.

awdemme, 2017-08-21
@awdemme

Without the right qualifications you can't do anything.
Logs can be overwritten.
Backdoors are hidden and rarely used.
You need a separate specialist to check the first one
;)
I highly doubt people will plant backdoors; it is a lot of extra work.
After all, you are not writing a banking payment system.

Puma Thailand, 2017-08-14
@opium

Is it worth hiring a programmer you don't trust in advance?
If someone needs to organise a leak, it can be organised very cleverly and unnoticeably, and without a deep analysis of the code such a leak cannot be detected.

Egor Zhivagin, 2017-08-14
@Krasnodar_etc

Briefly:
Yes, the version control system Git suits your requirements. I think you have heard of GitHub, but I will also mention Bitbucket.
How to control? No way. You can simply not give access to the server, but in that case you will have to set up Git and a webhook for it yourself.
I sincerely do not understand what you want to find in the logs. Or rather, in the code. If you don't have your own programmer, who will read it and figure out whether there was intent?
And... what could even be there? An idea to sell to a competitor, that's realistic. But plant something on your site... what? And why? )
Deleting from the Git logs... well, without a trace, no, you can't.
It's your call, of course, but I would turn down an offer to work like that. Also from the position of "you tinker with it for now, and then we'll find a normal developer".

Fortop, 2017-08-14
@Fortop

> Will it be possible to see when the edit was made, which led to sad consequences?

It will be possible, but it will not help you solve your problem.
It depends on the settings of the version control system.
In general, yes, he can, no matter what the people above say here.
And yes, even within git.
As mentioned many times, git will suit you.
But it does not completely cover the tasks before you.
You need third-party technical expertise on the code that this developer will write for you.
I.e. another programmer who will review the first one's code.
Such a programmer will cost more, but he will take less time, so within the budget it will cost you a little less.

> How to protect yourself from backdoors, leaking information and other dishonest attitude of a freelance programmer?

These are three completely different tasks.
The first is partially covered by code review.
The second is partially covered by prohibiting direct access to the production server.
The third lies entirely outside the scope of technical solutions.

Mesuti, 2017-08-14
@Mesuti

Have you considered Git? It is precisely a system for logging changes to files.

CityCat4, 2017-08-14
@CityCat4

You need SVN. Not git, as everyone here is vying to advise (perhaps they simply don't know about other VCSs), but SVN. Why?
SVN is designed for centralized storage, and if you need to give access to only part of the project, that is easily done.
SVN does not have the ability to edit the log.
You can insure against backdoors by hiring another programmer to analyze the code.
Against information leaks: do not give access to the entire project (which, by the way, is impossible in Git, since Git was originally made for open source projects).
Against an unfair attitude: only control, constant control over the work, with daily commit checks.

Xeli, 2017-08-17
@Xeli

> How to protect yourself from backdoors, leaking information and other dishonest attitude of a freelance programmer?

Draw up the contract properly, stating the full extent of liability; that is a job for a lawyer. Checking the existing code for backdoors is a job for audit specialists.
If you use git, it is a distributed system where all project participants learn about changes; changes made in master are kept by all participants (depending on access rights), and each commit contains information about the author of the code plus the committer, the person who made the commit. If a commit contained malicious code, it is very easy to prove in court that it was this villain who introduced it; for greater peace of mind, use GPG digital signatures and oblige him to work only with them.
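A concrete version of the setup Dmitry, Fortop and Xeli describe (the repository is the only thing the developer touches, pushed history cannot be quietly rewritten, and each commit records both an author and a committer), as an added example that is not from any post in this thread. It assumes git is installed and runs entirely in a temporary directory; the repository names, identities and e-mail addresses are constructed.

```shell
#!/bin/sh
# Added example, not code from the thread: a bare "central" repository configured
# so received history cannot be rewritten or deleted, plus a look at what a commit
# really records about who wrote it. Assumes git is installed; runs in a temp dir.
set -eu

demo_central_repo() (
  work=$(mktemp -d)
  trap 'rm -rf "$work"' EXIT
  cd "$work"

  # 1. The only repository the freelancer can push to. Deployment reads from it;
  #    nobody needs a shell on the production server.
  git init -q --bare central.git
  git -C central.git config receive.denyNonFastForwards true   # reject force-pushes
  git -C central.git config receive.denyDeletes true           # reject branch deletion

  # 2. The developer's working copy: two ordinary commits, pushed to main.
  git init -q dev && cd dev
  git symbolic-ref HEAD refs/heads/main
  git config user.name "Freelancer"                    # constructed identity
  git config user.email "freelancer@example.invalid"
  git remote add origin ../central.git
  echo v1 > app.txt && git add app.txt && git commit -q -m "initial import"
  echo v2 > app.txt && git commit -q -am "add feature"
  git push -q origin main 2>/dev/null

  # 3. Rewriting an already-pushed commit and forcing it onto central fails,
  #    so the disputed revision stays exactly as the server received it.
  git commit -q --amend -m "add feature (nothing to see here)"
  if git push -q --force origin main >/dev/null 2>&1; then
    echo force_push_rejected=no
  else
    echo force_push_rejected=yes
  fi
  echo "central_head=$(git -C ../central.git log -1 --format=%s main)"

  # 4. Each commit carries an author and a committer. The author field is
  #    whatever the client supplies, so on its own it is not evidence; the
  #    committer, the server's receive logs and signed commits (checked with
  #    git log --show-signature) are what an audit should lean on.
  echo v3 > app.txt
  git commit -q -am "hotfix" --author="Previous Dev <prev@example.invalid>"
  echo "last_commit=$(git log -1 --format='%an|%cn')"
)

demo_central_repo
```

The three printed lines show the rejected force-push, the unchanged commit on central, and a commit whose author and committer differ.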
