Re: Suspicious sources placed by Jenkins to /tmp

2016-11-14 Thread Jozef Babjak
The mystery is solved. Jenkins is not guilty at all. 

It was nodejs/npm who tried to install that library from sources, because 
it was not available in the system. I'm not sure why, I'm not sure if it 
succeeded or not and I do not know why it does not clean up afterwards, but 
for now it is sufficient for me to know that I'm not hacked. :-)

Jozef


On Sunday, November 13, 2016 at 3:08:48 PM UTC+1, Baptiste Mathus wrote:
>
> Might be better that the plugin (?) cleans this up. But I'm not sure 
> that's a security issue: it's already on machine(s) where anyway that 
> source code constantly comes and goes on the disk. So?
>
> On 9 Nov 2016 9:11 AM, "Jozef Babjak" wrote:
>
>> Hello!
>>
>> My Jenkins is creating random (UUID-named) directories under the /tmp 
>> directory. Each such directory contains the C source code of libjpeg-turbo, or 
>> at least something which looks so. From a security point of view it seems to 
>> me very suspicious if a program like Java-based Jenkins is storing C 
>> sources. 
>>
>> Is this anything which is expected?
>>
>> Some interesting environment settings follow below.
>>
>> Jozef
>>
>> 
>>
>> OS: Red Hat Enterprise Linux Server release 7.1 (Maipo)
>> Jenkins: 2.19.2
>> Java: Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)
>>
>> installed plugins:
>>
>> ace-editor 1.1
>> active-directory 2.0
>> analysis-core 1.79
>> ant 1.4
>> antisamy-markup-formatter 1.5
>> bouncycastle-api 2.16.0
>> branch-api 1.11.1
>> build-timeout 1.17.1
>> checkstyle 3.46
>> cloudbees-folder 5.13
>> credentials 2.1.8
>> dashboard-view 2.9.10
>> display-url-api 0.5
>> durable-task 1.12
>> email-ext 2.52
>> emailext-template 1.0
>> external-monitor-job 1.6
>> git 3.0.0
>> git-client 2.1.0
>> git-server 1.7
>> gradle 1.25
>> handlebars 1.1.1
>> icon-shim 2.0.3
>> javadoc 1.4
>> jquery-detached 1.2.1
>> junit 1.19
>> ldap 1.13
>> mailer 1.18
>> matrix-auth 1.4
>> matrix-project 1.7.1
>> maven-plugin 2.14
>> momentjs 1.1.1
>> pam-auth 1.3
>> pipeline-build-step 2.3
>> pipeline-graph-analysis 1.2
>> pipeline-input-step 2.3
>> pipeline-milestone-step 1.1
>> pipeline-rest-api 2.2
>> pipeline-stage-step 2.2
>> pipeline-stage-view 2.2
>> resource-disposer 0.3
>> role-strategy 2.3.2
>> scm-api 1.3
>> script-security 1.24
>> ssh-credentials 1.12
>> structs 1.5
>> timestamper 1.8.7
>> token-macro 2.0
>> windows-slaves 1.2
>> workflow-aggregator 2.4
>> workflow-api 2.5
>> workflow-basic-steps 2.3
>> workflow-cps 2.22
>> workflow-cps-global-lib 2.4
>> workflow-durable-task-step 2.5
>> workflow-job 2.8
>> workflow-multibranch 2.9
>> workflow-scm-step 2.2
>> workflow-step-api 2.5
>> workflow-support 2.10
>> ws-cleanup 0.32
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/f02fc114-77c8-4751-be7d-fd9f2e822e9c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
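
One way to triage the situation described in this thread, as an added example that is not part of any poster's message: the function below lists UUID-named directories under a temp root with their owner, modification time and whether they hold libjpeg-turbo headers. The function name, the marker file list and the use of GNU `stat` are assumptions of this example.

```shell
#!/bin/sh
# Added triage example (not from the thread): report UUID-named directories
# under a temp root so they can be attributed to a user and a build tool.

# Canonical 8-4-4-4-12 hex UUID, anchored to the whole directory name.
UUID_RE='^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$'

# Headers that ship in the libjpeg-turbo source tree (the library named in
# the thread). The list is this example's choice; extend it as needed.
MARKERS="jpeglib.h turbojpeg.h"

# triage_uuid_dirs ROOT
# Prints one line per match: owner<TAB>mtime<TAB>verdict<TAB>path
triage_uuid_dirs() {
    root=${1:-/tmp}
    for dir in "$root"/*/; do
        [ -d "$dir" ] || continue          # also skips an unmatched glob
        dir=${dir%/}
        if [ -L "$dir" ]; then continue; fi  # never follow symlinks in /tmp
        name=${dir##*/}
        printf '%s\n' "$name" | grep -Eq "$UUID_RE" || continue

        owner=$(stat -c '%U' "$dir")                 # GNU stat (RHEL)
        mtime=$(stat -c '%y' "$dir" | cut -d. -f1)   # drop sub-seconds

        verdict=unknown
        for m in $MARKERS; do
            hit=$(find "$dir" -maxdepth 3 -type f -name "$m" -print -quit)
            if [ -n "$hit" ]; then
                verdict=libjpeg-turbo-source
                break
            fi
        done
        printf '%s\t%s\t%s\t%s\n' "$owner" "$mtime" "$verdict" "$dir"
    done
}

# Run directly with a root to scan, e.g.:  sh triage.sh /tmp
if [ $# -gt 0 ]; then
    triage_uuid_dirs "$1"
fi
```

An owner that matches the Jenkins service account together with a modification time that lines up with a job's npm install step points to a build leftover, as in this thread; a directory with verdict `unknown` still needs to be looked at by hand.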


Re: Suspicious sources placed by Jenkins to /tmp

2016-11-13 Thread Baptiste Mathus
Might be better that the plugin (?) cleans this up. But I'm not sure that's
a security issue: it's already on machine(s) where anyway that source code
constantly comes and goes on the disk. So?

On 9 Nov 2016 9:11 AM, "Jozef Babjak" wrote:

> Hello!
>
> My Jenkins is creating random (UUID-named) directories under the /tmp
> directory. Each such directory contains the C source code of libjpeg-turbo, or
> at least something which looks so. From a security point of view it seems to
> me very suspicious if a program like Java-based Jenkins is storing C
> sources.
>
> Is this anything which is expected?
>
> Some interesting environment settings follow below.
>
> Jozef
>
> 
>
> OS: Red Hat Enterprise Linux Server release 7.1 (Maipo)
> Jenkins: 2.19.2
> Java: Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)
>
> installed plugins:
>
> ace-editor 1.1
> active-directory 2.0
> analysis-core 1.79
> ant 1.4
> antisamy-markup-formatter 1.5
> bouncycastle-api 2.16.0
> branch-api 1.11.1
> build-timeout 1.17.1
> checkstyle 3.46
> cloudbees-folder 5.13
> credentials 2.1.8
> dashboard-view 2.9.10
> display-url-api 0.5
> durable-task 1.12
> email-ext 2.52
> emailext-template 1.0
> external-monitor-job 1.6
> git 3.0.0
> git-client 2.1.0
> git-server 1.7
> gradle 1.25
> handlebars 1.1.1
> icon-shim 2.0.3
> javadoc 1.4
> jquery-detached 1.2.1
> junit 1.19
> ldap 1.13
> mailer 1.18
> matrix-auth 1.4
> matrix-project 1.7.1
> maven-plugin 2.14
> momentjs 1.1.1
> pam-auth 1.3
> pipeline-build-step 2.3
> pipeline-graph-analysis 1.2
> pipeline-input-step 2.3
> pipeline-milestone-step 1.1
> pipeline-rest-api 2.2
> pipeline-stage-step 2.2
> pipeline-stage-view 2.2
> resource-disposer 0.3
> role-strategy 2.3.2
> scm-api 1.3
> script-security 1.24
> ssh-credentials 1.12
> structs 1.5
> timestamper 1.8.7
> token-macro 2.0
> windows-slaves 1.2
> workflow-aggregator 2.4
> workflow-api 2.5
> workflow-basic-steps 2.3
> workflow-cps 2.22
> workflow-cps-global-lib 2.4
> workflow-durable-task-step 2.5
> workflow-job 2.8
> workflow-multibranch 2.9
> workflow-scm-step 2.2
> workflow-step-api 2.5
> workflow-support 2.10
> ws-cleanup 0.32
>


Suspicious sources placed by Jenkins to /tmp

2016-11-09 Thread Jozef Babjak
Hello!

My Jenkins is creating random (UUID-named) directories under the /tmp 
directory. Each such directory contains the C source code of libjpeg-turbo, or 
at least something which looks so. From a security point of view it seems to 
me very suspicious if a program like Java-based Jenkins is storing C 
sources. 

Is this anything which is expected?

Some interesting environment settings follow below.

Jozef



OS: Red Hat Enterprise Linux Server release 7.1 (Maipo)
Jenkins: 2.19.2
Java: Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode)

installed plugins:

ace-editor 1.1
active-directory 2.0
analysis-core 1.79
ant 1.4
antisamy-markup-formatter 1.5
bouncycastle-api 2.16.0
branch-api 1.11.1
build-timeout 1.17.1
checkstyle 3.46
cloudbees-folder 5.13
credentials 2.1.8
dashboard-view 2.9.10
display-url-api 0.5
durable-task 1.12
email-ext 2.52
emailext-template 1.0
external-monitor-job 1.6
git 3.0.0
git-client 2.1.0
git-server 1.7
gradle 1.25
handlebars 1.1.1
icon-shim 2.0.3
javadoc 1.4
jquery-detached 1.2.1
junit 1.19
ldap 1.13
mailer 1.18
matrix-auth 1.4
matrix-project 1.7.1
maven-plugin 2.14
momentjs 1.1.1
pam-auth 1.3
pipeline-build-step 2.3
pipeline-graph-analysis 1.2
pipeline-input-step 2.3
pipeline-milestone-step 1.1
pipeline-rest-api 2.2
pipeline-stage-step 2.2
pipeline-stage-view 2.2
resource-disposer 0.3
role-strategy 2.3.2
scm-api 1.3
script-security 1.24
ssh-credentials 1.12
structs 1.5
timestamper 1.8.7
token-macro 2.0
windows-slaves 1.2
workflow-aggregator 2.4
workflow-api 2.5
workflow-basic-steps 2.3
workflow-cps 2.22
workflow-cps-global-lib 2.4
workflow-durable-task-step 2.5
workflow-job 2.8
workflow-multibranch 2.9
workflow-scm-step 2.2
workflow-step-api 2.5
workflow-support 2.10
ws-cleanup 0.32
