|Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.|
On 2011-09-14 09:42, Gunnar Wagenknecht wrote:
Indeed. My point is that if everyone writes a cron-job in order to gain control, then we move the responsibility to each individual project to ensure that what it copies is secure. How can each project ensure that if we assume that Hudson is compromised? I have no idea how I should write a cron-job that would detect malicious code cleverly hidden in a Hudson build result. Do you? Does anyone?Am 14.09.2011 09:29, schrieb Thomas Hallgren:How is that different from having an ACL that permits Hudson to write to your download area?Well, I don't have to run the cron job., i.e. it's it's under *my* control.
Back to the top