[squeak-dev] [CI] Security

Casey Ransberger casey.obrien.r at gmail.com
Thu Jun 23 22:19:37 UTC 2011

A friend of a friend passed along a valid concern today: Hudson/Jenkins can run arbitrary shell commands. 

People all over the place are running public Hudson servers, so I don't think this is necessarily of *great* concern, I mean we can probably just run it in a chroot jail and call it golden. 

That said, while I've set up several different CI solutions for internal use by software teams, it was always behind a corporate firewall. This will be my first world-facing adventure with continuous integration. 

I think this is worth talking about. Does anyone here have any experience to share that we can potentially learn from?

More information about the Squeak-dev mailing list