Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Why allowing Hudson to write to your downloads is a Bad Idea.

I heard someone mention that we ought to do away with this issue
entirely and have our project spaces be backed by git repositories

I love that idea :)


jesse mcconnell

On Wed, Sep 14, 2011 at 06:55, Gunnar Wagenknecht
<gunnar@xxxxxxxxxxxxxxx> wrote:
> Am 14.09.2011 13:41, schrieb Igor Fedorenko:
>> What kind of manual validation do you do to make sure files produces by
>> Hudson have not been maliciously modified by somebody who gained control
>> over Hudson instance (assuming you use Hudson to produce
>> milestone/release builds)?
> Release builds are executed manually. Thus, I can usually rely on the
> Hudson logs and timestamp comparison or a flux capacitor. ;)
> I guess there is still a chance that some hacker installed a plug-in
> that does byte transformation while my build job is in progress. If you
> really want to be sure ... don't do release builds on Hudson.
> -Gunnar
> --
> Gunnar Wagenknecht
> gunnar@xxxxxxxxxxxxxxx
> _______________________________________________
> cross-project-issues-dev mailing list
> cross-project-issues-dev@xxxxxxxxxxx

Back to the top