Security issues when running gerrit patches on jenkins

Mike Burns mburns at redhat.com
Wed Jul 18 17:43:15 UTC 2012


On Wed, 2012-07-18 at 13:34 -0400, Heiko W.Rupp wrote:
> Am 18.07.2012 um 13:00 schrieb Robert Middleswarth:
> 
> > I need trust to be earned so I +1 on whitelist.  With that said I think getting on the whitelist should be pretty easy.  
> 
> Isn't that what you usually do on projects - have the first few commits not go directly to master but be 
> reviewed by an existing committer, and then give full commit access to a new user?
> So I think that fits in and fits with what new committers are used to. Many of them actually would be scared
> if they got commit access from day 1.

It's not commit access that is being discussed.  We're not giving that
away easily.  Jenkins provides the ability to trigger builds/tests on
patch submission (just submission, not commit).  A savvy attacker could
write a patch that could cause the tests to compromise the jenkins slave
machine.  The whitelist being proposed is a whitelist for running the
build/test based on who submitted the patch.

Mike

> 
>   Heiko
> 
> _______________________________________________
> Infra mailing list
> Infra at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/infra
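As an added illustration of the whitelist Mike describes (example code written for this page, not anything from the oVirt infra or from the thread): a gate over Gerrit stream-events patchset-created events that keys the build decision on the Gerrit account that uploaded the patch set, since the author and committer fields inside the patch itself are chosen by whoever submits it. The whitelist entries and the sample events are constructed.

```python
import json

# Constructed whitelist of Gerrit usernames whose patches may be built on a
# Jenkins slave. Assumed values, not taken from the original thread.
TRUSTED_UPLOADERS = {"mburns", "hwrupp"}


def should_trigger_build(event_line, trusted=TRUSTED_UPLOADERS):
    """Decide for one Gerrit stream-events line whether Jenkins may build it.

    Returns (allowed, reason). Only patchset-created events are build
    triggers, and the decision keys on the Gerrit account that uploaded the
    patch set (patchSet.uploader.username), never on the commit's author or
    committer fields, which the submitter writes into the patch themselves.
    """
    try:
        event = json.loads(event_line)
    except ValueError:
        return False, "malformed event; not built"
    if event.get("type") != "patchset-created":
        return False, "not a patchset-created event; nothing to build"
    username = ((event.get("patchSet") or {}).get("uploader") or {}).get("username")
    if not username:
        return False, "no uploader account on event; not built"
    if username not in trusted:
        return False, "uploader %r not whitelisted; needs manual review" % username
    return True, "uploader %r whitelisted; building" % username


# Constructed sample events in Gerrit stream-events shape. In the second one
# the patch's author field names a trusted person, but the Gerrit account that
# uploaded it is not on the whitelist: keying on the author would build it on
# the slave, keying on the uploader sends it to manual review instead.
TRUSTED_EVENT = json.dumps({
    "type": "patchset-created",
    "change": {"project": "ovirt-engine", "branch": "master"},
    "patchSet": {
        "author": {"name": "Mike Burns", "email": "mburns@example.org"},
        "uploader": {"name": "Mike Burns", "username": "mburns"},
    },
})
SPOOFED_AUTHOR_EVENT = json.dumps({
    "type": "patchset-created",
    "change": {"project": "ovirt-engine", "branch": "master"},
    "patchSet": {
        "author": {"name": "Mike Burns", "email": "mburns@example.org"},
        "uploader": {"name": "New Contributor", "username": "newbie42"},
    },
})
```

Feed it one line at a time from `ssh -p 29418 <gerrit-host> gerrit stream-events` and only hand the event to the Jenkins job when the first element of the result is True.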