On Tue, Apr 07, 2020 at 12:48:34PM +0100, Daniel P. Berrangé wrote:
> On Tue, Apr 07, 2020 at 01:45:46PM +0200, Erik Skultety wrote:
> > On Tue, Apr 07, 2020 at 12:37:01PM +0100, Daniel P. Berrangé wrote:
> > > On Tue, Apr 07, 2020 at 01:31:17PM +0200, Erik Skultety wrote:
> > > > We're creating a
On Tue, Apr 07, 2020 at 01:45:46PM +0200, Erik Skultety wrote:
> On Tue, Apr 07, 2020 at 12:37:01PM +0100, Daniel P. Berrangé wrote:
> > On Tue, Apr 07, 2020 at 01:31:17PM +0200, Erik Skultety wrote:
> > > We're creating a dedicated user to run the gitlab agent, so why not
> > > store the agent
On Tue, Apr 07, 2020 at 12:37:01PM +0100, Daniel P. Berrangé wrote:
> On Tue, Apr 07, 2020 at 01:31:17PM +0200, Erik Skultety wrote:
> > We're creating a dedicated user to run the gitlab agent, so why not
> > store the agent within the user profile and execute it from there.
>
> I'm wary of this
On Tue, Apr 07, 2020 at 01:31:17PM +0200, Erik Skultety wrote:
> We're creating a dedicated user to run the gitlab agent, so why not
> store the agent within the user profile and execute it from there.
I'm wary of this as it seems like it can create a exploit vector.
ie malicious code running as
We're creating a dedicated user to run the gitlab agent, so why not
store the agent within the user profile and execute it from there.
Signed-off-by: Erik Skultety
---
guests/playbooks/update/tasks/users.yml | 7 +++
1 file changed, 7 insertions(+)
diff --git