[JIRA] (JENKINS-50803) Paranoid mode for git-changelist-maven-extension
Jesse Glick resolved as Fixed

Done, but it is not enough to block attacks, since the search for clashes only runs from commits reachable from HEAD. If a legitimate developer pushes a (perhaps forked) PR, and then an attacker immediately creates another (forked) PR with a clashing prefix + revcount, neither CI build will see the other—and although the malicious PR would fail if the legitimate PR had already been merged, the attack would consist of trying to get the malicious PR deployed before the legitimate PR was deployed, much less merged. So the deployment tool also needs to check for prefix clashes across forks.

Jenkins / JENKINS-50803 Paranoid mode for git-changelist-maven-extension
Change By: Jesse Glick
Status: In Progress → Resolved
Resolution: Fixed

This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)
[JIRA] (JENKINS-50803) Paranoid mode for git-changelist-maven-extension
Jesse Glick commented on JENKINS-50803

There seem to be no clashes in jenkinsci/jenkins of hash prefix length 8 or greater; there is one of length 7, and a few dozen of length 6. There are no clashes of prefix and rev count of prefix length 4 or greater; at length 3, 84d9244520b917629e82b762eb7b7548cf5f6b9f and 84dcde5902755239f915dedafbdc0566bcde087a clash. Since we are using a 12-digit prefix, an accidental collision seems extremely unlikely.

-- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-50803) Paranoid mode for git-changelist-maven-extension
Jesse Glick started work on JENKINS-50803
Change By: Jesse Glick
Status: Open → In Progress
[JIRA] (JENKINS-50803) Paranoid mode for git-changelist-maven-extension
Jesse Glick created an issue

Jenkins / JENKINS-50803 Paranoid mode for git-changelist-maven-extension
Issue Type: Story
Assignee: Jesse Glick
Components: plugin-pom
Created: 2018-04-14 11:34
Labels: security
Priority: Minor
Reporter: Jesse Glick

By default, or (if performance is poor) upon request from CI, do a RevWalk of the whole repository looking for clashes in commit hash prefix and rev count. If any is found, fail the build. This would block attempts to spoof a legitimate commit.
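The whole-repository clash check described in this issue, together with the gap noted in the resolution comment (a walk that starts only from HEAD cannot see an unmerged fork whose identifier collides), as an added example that is not part of git-changelist-maven-extension's own code (the real extension is a Java/JGit Maven extension; this is a stand-alone Python model of the check). It assumes a git-changelist style identifier of (rev count, hash prefix), where rev count is the number of commits reachable from a commit, as `git rev-list --count <sha>` reports; the commit graph and the SHA-1 values are constructed for the example.

```python
from collections import defaultdict

# Constructed commit graph: sha -> parent shas.  The 40-hex values are made
# up for this example (fake SHA-1s); only their leading digits matter here.
ROOT = "f00d" + "0" * 36
MAIN_1 = "abc1" + "1" * 36   # on the integration branch, revcount 2
MAIN_2 = "9e7a" + "2" * 36   # HEAD of the integration branch, revcount 3
FORK_1 = "abc9" + "3" * 36   # unmerged branch off ROOT, also revcount 2

COMMITS = {
    ROOT: [],
    MAIN_1: [ROOT],
    MAIN_2: [MAIN_1],
    FORK_1: [ROOT],
}

HEAD = MAIN_2
ALL_REFS = [MAIN_2, FORK_1]   # every branch/PR tip the walk should start from


def reachable(starts, commits):
    """All commits reachable from the given start commits (themselves included)."""
    seen = set()
    stack = list(starts)
    while stack:
        sha = stack.pop()
        if sha in seen:
            continue
        seen.add(sha)
        stack.extend(commits[sha])
    return seen


def rev_count(sha, commits):
    """Number of commits reachable from sha, like `git rev-list --count sha`."""
    return len(reachable([sha], commits))


def changelist_id(sha, commits, prefix_len):
    """The (revcount, hash-prefix) pair a git-changelist style version embeds
    (assumed format; the real extension's string layout is not modelled)."""
    return (rev_count(sha, commits), sha[:prefix_len])


def find_clashes(commits, starts, prefix_len):
    """Walk every commit reachable from `starts` and group those whose
    (revcount, prefix) identifier collides.  Returns {id: sorted shas} for
    identifiers carried by more than one commit; empty dict means no clash."""
    by_id = defaultdict(list)
    for sha in reachable(starts, commits):
        by_id[changelist_id(sha, commits, prefix_len)].append(sha)
    return {k: sorted(v) for k, v in by_id.items() if len(v) > 1}


def paranoid_check(commits, starts, prefix_len):
    """Fail the build (raise) if any clash exists in the walked history."""
    clashes = find_clashes(commits, starts, prefix_len)
    if clashes:
        lines = [
            f"{count}.{prefix}: {', '.join(s[:12] for s in shas)}"
            for (count, prefix), shas in sorted(clashes.items())
        ]
        raise RuntimeError("hash prefix/revcount clash(es):\n" + "\n".join(lines))
    return True


if __name__ == "__main__":
    # Walking only from HEAD misses the fork entirely: no clash reported.
    print("HEAD-only clashes:", find_clashes(COMMITS, [HEAD], 3))
    # Walking every ref finds MAIN_1 and FORK_1 colliding at prefix length 3.
    print("all-refs clashes:", find_clashes(COMMITS, ALL_REFS, 3))
    # At prefix length 4 the constructed graph has no clash at all.
    print("all-refs, prefix 4:", find_clashes(COMMITS, ALL_REFS, 4))
```

Against a real repository the same logic would seed the start list from every branch and pull-request ref (for example the output of `git for-each-ref`) rather than from HEAD alone; the HEAD-only call above shows how two unmerged branches that collide stay invisible to a walk restricted to HEAD, which is the cross-fork case the resolution comment says the deployment tool must also cover.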