Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.

On 14.09.2011 13:41, Igor Fedorenko wrote:
> What kind of manual validation do you do to make sure files produced by
> Hudson have not been maliciously modified by somebody who gained control
> over the Hudson instance (assuming you use Hudson to produce
> milestone/release builds)?

Release builds are executed manually. Thus, I can usually rely on the
Hudson logs and timestamp comparison or a flux capacitor. ;)

I guess there is still a chance that some hacker installed a plug-in
that does byte transformation while my build job is in progress. If you
really want to be sure ... don't do release builds on Hudson.


Gunnar Wagenknecht
