Sebastian Kuzminsky wrote:
> # let the farm user run "sudo make setuid" without a password by
> adding this line to /etc/sudoers:
> farmer ALL = ALL, NOPASSWD: /usr/bin/make setuid
>

This part raises a red flag for me, as I mentioned on IRC last night. If you set this passwordless sudo, then it is theoretically possible for somebody to check a trojan makefile into our CVS, and a few minutes later it would run on your box as root.

If your buildbot system is a dedicated virtual machine used for nothing else, the risk is probably tolerable. I would NOT make this change to /etc/sudoers if "farmer" is a user on a non-virtual machine that you use for other things.

The odds of such a thing happening are slim - Joe Hacker can't commit a trojan, only someone with commit access to the server could do it. And, the CVS logs would tell us exactly who it was, so we could give them the beating they so richly deserve. But the risk needs to be acknowledged.

Note that the "sudo make setuid" step of the build process is NOT needed if all we want to do is test compiles. It IS needed if we want to run the test suite, which would be nice to do. (The current compile farm is not running the test suite.) I'm not sure if sim-only systems need to run the make setuid step or not.

We'll be hashing out the details over the next few days.

Regards,

John Kasunich

_______________________________________________
Emc-developers mailing list
Emc-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emc-developers
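
An added example, not part of the original message or the project's code: a small Python check that reads a sudoers user spec such as the one quoted above and reports commands that run without a password while taking their instructions from files the invoking user controls, which is the Makefile risk raised in the reply. The function names and the list of flagged programs are assumptions of this example, and it handles single-line specs only (no aliases, line continuations or escaped commas).

```python
import re
import shlex

# Sudoers line quoted in the message above.
PAGE_LINE = "farmer ALL = ALL, NOPASSWD: /usr/bin/make setuid"

# Assumed, non-exhaustive: programs that act on caller-supplied files.
INPUT_DRIVEN = {"make", "gmake", "sh", "bash", "python", "perl", "ruby"}

TAG_RE = re.compile(r"^((?:NO)?PASSWD)\s*:\s*")
RUNAS_RE = re.compile(r"^\([^)]*\)\s*")


def nopasswd_commands(line):
    """Return the commands a one-line user spec allows without a password."""
    line = line.split("#", 1)[0].strip()
    if "=" not in line:
        return []
    spec = line.split("=", 1)[1]
    passwordless, result = False, []
    for item in spec.split(","):
        item = RUNAS_RE.sub("", item.strip())
        # A tag applies to its own command and to every later one in the
        # list, until PASSWD: or NOPASSWD: changes it again.
        m = TAG_RE.match(item)
        while m:
            passwordless = m.group(1) == "NOPASSWD"
            item = item[m.end():]
            m = TAG_RE.match(item)
        if passwordless and item:
            result.append(item)
    return result


def audit(line):
    """Flag passwordless commands whose behaviour the caller's files decide."""
    findings = []
    for cmd in nopasswd_commands(line):
        prog = shlex.split(cmd)[0].rsplit("/", 1)[-1]
        if cmd == "ALL":
            findings.append((cmd, "any command as root without a password"))
        elif prog in INPUT_DRIVEN:
            findings.append((cmd, prog + " acts on files the caller controls"))
    return findings


if __name__ == "__main__":
    for cmd, why in audit(PAGE_LINE):
        print(f"NOPASSWD {cmd}: {why}")
```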