continuum-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Carlos Sanchez (JIRA)" <j...@codehaus.org>
Subject [jira] Commented: (CONTINUUM-1731) Allow running builds in a chroot jail
Date Thu, 05 Jun 2008 23:32:12 GMT

    [ http://jira.codehaus.org/browse/CONTINUUM-1731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=137586#action_137586
] 

Carlos Sanchez commented on CONTINUUM-1731:
-------------------------------------------

right now the builds run chrooted but I was told the user could escape the chroot jail 

in AbstractBuildExecutor the chroot call should be followed with a "su username" with an user
that has no privileges.

> Allow running builds in a chroot jail
> -------------------------------------
>
>                 Key: CONTINUUM-1731
>                 URL: http://jira.codehaus.org/browse/CONTINUUM-1731
>             Project: Continuum
>          Issue Type: New Feature
>          Components: Core system
>    Affects Versions: 1.1
>            Reporter: Carlos Sanchez
>             Fix For: 1.2
>
>
> A nice feature would be to run continuum builds in chroot environments to avoid possible
malicious commands and so a project can't access files from another project
> The distinction could be per project group

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message