[squeak-dev] Re: [CI] Security

Frank Shearar frank.shearar at gmail.com
Fri Jun 24 19:49:26 UTC 2011


On 24 June 2011 19:50, Yanni Chiu <yanni at rogers.com> wrote:
> On 24/06/11 8:17 AM, Frank Shearar wrote:
>>
>> I suppose we have to ask what we want out of the CI - do we want
>> pretty web pages with red and blue icons? Would a simple mail on a
>> breaking build be sufficient for our needs? (Or a mail for a
>> successful one: noisier, but allows one to distinguish between a
>> working build and a dead CI server.)
>
> People can get an RSS feed for all builds, failed builds, etc.
>
>> If that's all that's needed, then I suspect one could do something
>> like run the Hudson installation on a local port, and have people use
>> ssh forwarding: ssh -L 8000:foo.bar.com:9090 me@foo.bar.com and then
>> you can go to http://localhost:8000/.
>
> I don't understand why this is needed.

Because then you're relying on ssh keys to authenticate a user, not
some flakey userland authentication scheme. And because then those
with shell access can use the web UI without exposing Hudson to
attack.

Also, because the owner of the server on my jail won't permit an
exposed Hudson, precisely because of the kinds of things Hudson can
do.

>> Not undoably bad for the CI admin. If we want to serve up "this is how
>> things are going" on a web page, I _guess_ we could do that with
>> Apache RewriteRule-fu. Anyone clued up on that?
>
> I don't understand why any web page development is needed. Hudson/Jenkins
> has a web UI already. Just open up a firewall portno for whichever portno
> it's listening on.

I'm not talking about web page development. I'm talking about
selectively exposing read-only status pages.

> However, a nicer configuration would be to set "ci.squeak.org" to redirect
> to localhost:8080 (or whatever portno it's set to use).

That's not a bad idea!

frank
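
One way the "selectively exposing read-only status pages" idea could look as an Apache front end (an added example, not configuration from this thread or from the Squeak CI server). It assumes Hudson is bound to 127.0.0.1:9090, that mod_rewrite, mod_proxy and mod_proxy_http are loaded, and that the dashboard, the RSS feeds and per-job pages are the pages worth publishing; the ci.squeak.org name is taken from the suggestion above.

```apache
# Added example: read-only window onto a loopback-only Hudson.
# Assumption: Hudson listens on 127.0.0.1:9090 and is not reachable
# from outside; admins still use the ssh -L tunnel for the full UI.
<VirtualHost *:80>
    ServerName ci.squeak.org

    # This host is a reverse proxy only, never a forward proxy.
    ProxyRequests Off

    RewriteEngine On

    # Read-only: refuse every method other than GET and HEAD, so no
    # form submission or POST-based action reaches Hudson.
    RewriteCond %{REQUEST_METHOD} !^(GET|HEAD)$
    RewriteRule ^ - [F]

    # Allow-list, not deny-list. The trailing "?" in each substitution
    # discards the client's query string before proxying.

    # Dashboard and the "all builds" / "failed builds" RSS feeds.
    RewriteRule ^/(rssAll|rssFailed)?$ http://127.0.0.1:9090/$1? [P,L]

    # Per-job status page and its last build summary (assumed set of
    # pages; extend this pattern deliberately, one path at a time).
    RewriteRule ^/(job/[^/]+/(lastBuild/)?)$ http://127.0.0.1:9090/$1? [P,L]

    # Everything else (configuration, build triggers, script console,
    # plugin management) is refused at the front end.
    RewriteRule ^ - [F]

    # Rewrite Location headers in Hudson's redirects back to this host.
    ProxyPassReverse / http://127.0.0.1:9090/
</VirtualHost>
```

Static assets are not on the allow-list here, so the proxied pages render unstyled until a rule for them is added.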


