continuum-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Louis Smith <dr.louis.sm...@gmail.com>
Subject Re: Securing working copies in build agent (CONTINUUM-2632)
Date Wed, 01 Jun 2011 16:42:35 GMT
I have to ask - why would a remote build agent need to keep its copy after
it is done?  Shouldn't a remote be setup to checkout, build, cleanup?
If it does a full package/install or deploy, its final output is stored
where it belongs anyway..  And If I'm looking for site reports, they should
be deployed at my enterprise location; if I'm looking for compilation
results, the build log is all I need.

I'd much prefer an option where I can set the build agents to leave nothing
around that anyone could backdoor into.  Their remote lifecycle should be
get it, do it, clean it.

Louis

On Wed, Jun 1, 2011 at 12:27 PM, Brett Porter <brett@apache.org> wrote:

> I'd agree with Wendy, at least at this point. There's no need for the
> complexity of user or project-level auth on the build agent. We also should
> remember that anyone that can run a build, can access every working copy on
> the agent via the backdoor :)
>
> I do think there's some value to per-user access to the WC from the agent
> over HTTP, as long as none of the info is duplicated - but I'd consider that
> a separate feature, not a core part of how this should be implemented.
>
> - Brett
>
> On 01/06/2011, at 9:18 PM, Wendy Smoak wrote:
>
> > On Tue, May 31, 2011 at 4:57 AM, Deng Ching <oching@apache.org> wrote:
> >> Currently, there is no security implemented for accessing (read-only)
> the
> >> working copies in the build agent via webdav. For CONTINUUM-2632, I'm
> >> planning to use a similar mechanism as with Maven when
> downloading/getting
> >> artifacts from a secured repository:
> > ...
> >
> > This seems to imply that people would be accessing the build agent
> > individually?  I don't think the build agent needs to know about users
> > -- the access should all go through the master which can handle
> > security via the user database.
> >
> > If you introduce an xml file on the build agent, how would it get
> > populated for a new build agent, or updated for an existing one?  It
> > also seems like that file would duplicate information already stored
> > in the user database (what user can see what group).
> >
> > I think the build agent should only respond to requests from the
> > master.  It shouldn't be talking to anybody else.  As long as it has
> > some way to verify that the request is indeed coming from the master,
> > I think that's enough to keep the working copies reasonably secure.
> >
> > --
> > Wendy
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
>
>
>
>
>


-- 
Dr. Louis Smith, ThD
Chief Technology Officer, Kyra InfoTech
Colonel, Commemorative Air Force

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message