On 16/11/2017 11:32, Erik Bray wrote:
On Wed, Nov 15, 2017 at 10:00 AM, David Loeffler
<d.a.loeff...@warwick.ac.uk> wrote:
I'd like to request opinions on whether we should get rid of the "Trusted
Authors" check in the Sage patchbot.
At present, the patchbot won't test a ticket unless all of the names in the
Trac "Authors" field have had at least one ticket previously merged.
Presumably the intention of this is to prevent people uploading git branches
with malicious code that will hijack the patchbot servers. But the "Authors"
field is a free text field; there's nothing to stop anybody with a trac
account uploading a git branch with author set to "William Stein", or
"Mickey Mouse" for that matter. So this feature provides zero actual
security against attacks, and only serves to make life more difficult for
legitimate users -- and, worse still, it specifically targets new
contributors who we want at all costs to encourage.
So I would advocate getting rid of the "Trust" feature -- or at least
adjusting it so it runs the ticket if any of the authors are trusted (rather
than all of them). What do others here think of this idea?
(I spotted this while reviewing ticket 19169, where the authors are a group
of first-time Sage contributors from Sage Days 69 in 2015. The ticket has
been languishing in needs-review purgatory for most of the intervening 2
years, and the fact that it didn't have a green light from the patchbot
probably contributed to that.)
+1 please consider opening an issue at https://github.com/sagemath/sage-patchbot
Indeed.
I believe it's already possible to configure a patchbot to allow
"untrusted" authors, but it's not the default. You're right that the
"feature" makes no sense.
Not exactly. You can have a custom "white list".
The only way to run a patchbot anything remotely "securely" is to be
running it on an isolated VM. A lot of the other defaults for the
patchbot (such as not testing package updates) are similarly false
security, as we discussed here a few days ago.
The real problem is that the patchbot would have to find the tarball! We
do not have a canonical place for them.
--
You received this message because you are subscribed to the Google Groups
"sage-devel" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to sage-devel+unsubscr...@googlegroups.com.
To post to this group, send email to sage-devel@googlegroups.com.
Visit this group at https://groups.google.com/group/sage-devel.
For more options, visit https://groups.google.com/d/optout.
