Re: [cross-project-issues-dev] Why allowing Hudson to write to your down

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.

From: Thomas Hallgren <thomas@xxxxxxx>
Date: Wed, 14 Sep 2011 15:16:06 +0200
Delivered-to: cross-project-issues-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/cross-project-issues-dev>
List-help: <mailto:cross-project-issues-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/cross-project-issues-dev>, <mailto:cross-project-issues-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/cross-project-issues-dev>, <mailto:cross-project-issues-dev-request@eclipse.org?subject=unsubscribe>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.20) Gecko/20110831 Fedora/3.1.12-2.fc14 Lightning/1.0b2 Thunderbird/3.1.12

On 2011-09-14 15:09, Jesse McConnell wrote:

unless you want to talk about git access credentials being compromised
and oh gee, lets just shut it all down and go play in our little
sandboxes

My concern is that we must assume that Hudson is compromised. Hence, we must assume that all builds produced by Hudsonare compromised. Git will make it easier to revert bad stuff, and it does bring the other advantages you mention aswell. I really like git, don't get me wrong, but the fundamental security problem remains no matter what mechanism weuse to transfer a build result from Hudson to the download site.

Either we trust Hudson, or we don't. If we do, then using ACL's like we do today is OK. If we don't, well, then a verystinky can of worms is opened. We need to either address that fully, or try and secure Hudson so that it can be trusted.


- thomas

Follow-Ups:
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Jesse McConnell

References:
- [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Denis Roy
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Igor Fedorenko
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Gunnar Wagenknecht
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Thomas Hallgren
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Gunnar Wagenknecht
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Thomas Hallgren
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Gunnar Wagenknecht
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Igor Fedorenko
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Gunnar Wagenknecht
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Jesse McConnell
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Thomas Hallgren
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Jesse McConnell
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Thomas Hallgren
- Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
  - From: Jesse McConnell

Prev by Date: Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
Next by Date: Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
Previous by thread: Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
Next by thread: Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.
Index(es):
- Date
- Thread

Breadcrumbs