Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] Security changes to SSH and shells explained


On 28/09/2011 3:07 PM, Denis Roy wrote:

However, I'd be interested to know your thoughts on how we'd implement a "temporary trust"...  Perhaps, when replying to the email, you type a keyword in the email body that we parse and use?

About what I had in mind. Though other options certainly exist. Could get fancy with https links like many sites where you reset passwords, but that is probably way too much effort for the return.

Ultimately, eliminating the need for a shell is the goal.  Since many projects use shell-based builds, we can't just assume that torquing Hudson will solve all our problems today. 

I'm utilizing one of those "shell-based" systems, though it'd be nice to move it to Hudson infrastructure. Like Kim, I'm dubious that the need for shell access could be completely eliminated, but it can certainly be mitigated with further efforts.

-Eric

Back to the top