{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 祖国的老花朵 的问题《What source control systems have file level permis》','https://www.manongdao.com/q-1260259.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I might propose migrating away from VSS due to its inability to grant and deny permissions at the file level. The question is what source control systems allow this.
Update I am marking the SVN answer as the "correct" one, since it had the most feedback. However, there is no correct answer. I will make my recommendations to management based on all your feedback.
Perforce does.
Take a look at Plastic SCM and it's ACL model.
subversion does too, but the ACL is managed in a configuration file
If you are using VSS now, Team Foundation Version Control (TFVS) is the logical upgrade, especially if your corporate mandate is Microsoft-only tools.
http://msdn.microsoft.com/en-us/library/ms364074.aspx
Whatever its other flaws, IBM Rational Clearcase does support file-level permission controls. It also has other mechanisms that you can use - notably triggers which can be written to cause an otherwise permitted checkin to fail.
Mercurial does, with the bundled Acl extension