[openstack-dev] Hyperv test blobs?
thierry at openstack.org
Wed Dec 5 10:03:06 UTC 2012
Joshua Harlow wrote:
> There seem to be a bunch of binary serialized objects here that contain
> some secret hidden code used during testing (probably not harmful but
> who am I to say when the contents aren't visible). From a little decode
> script that I wrote to try to see what's going on here
> @ http://paste.ubuntu.com/1411286/ (that’s just a decode of one of those
> files) is it possible that in the future we can not accept such binary
> blobs (even for testing). Not to set off a /panic/, but if binary blobs
> are allowed in, then who is really sure that said blob isn't executing
> some code on my CI machine (or elsewhere) that could be doing malicious
> activities. Without clear-text source files, it's pretty hard to say that
> they aren't (yes it's just for testing, but that’s beside the point).
Yes, I was also annoyed by that when I discovered it. It's not that our
sources should absolutely not contain binary files (there are a few
images out there), but the fact that we can't easily regenerate those
binary mock blobs (or check that they are harmless) is quite... disturbing.
> Did anyone besides the committers peek into those files to determine
> what is going on there (reviewers?)?
> It looks like a 'future statement' said that json will go in @
> but shouldn't that have happened to begin with?
I'd like that to happen ASAP too, but I have no idea how much work is
involved. Let's see what the Hyper-V crew says.
Thanks for raising this, it fell off of my radar.
Thierry Carrez (ttx)
Release Manager, OpenStack