[OpenStack-Infra] Question about running arbitrary code in gerrit
Monty Taylor
mordred at inaugust.com
Wed Mar 18 15:12:28 UTC 2015
On 03/18/2015 10:55 AM, David Kranz wrote:
> Apologies if this is covered somewhere. I was wondering what, if
> anything, we do to prevent some one from uploading code to gerrit that,
> for example, sends email bomb threats or other malicious actions?
We do nothing - this is one of the main reasons that we treat all of our
build hosts as compromised and hostile and that we delete them after
running a single job.
The mitigating factor so far is that if you did that, the patch would be
tracked back to the account you used which would be tied to the legal
agreements you signed, etc. It's not exactly a short process to get up
and going with being able to submit patches.
We also have hard externally controlled timeouts on jobs, so at worst
you'd only get a mailbot for a chunk of time ... and then we'd come hunt
you down. :)
Monty
More information about the OpenStack-Infra
mailing list