Aliger <mailto:[EMAIL PROTECTED]> ; ! nant
<mailto:[EMAIL PROTECTED]>
*Sent:* Wednesday, September 10, 2003 6:11 PM
*Subject:* RE: [nant-dev] NUnit security
Hi Martin,
If you have no special need for your service to run under a
privileged account, let it th
Title: [nant-dev] NUnit security
Seems ok.
It is not problem for me - just a general
thought.
Maybe we could add note about it into
doc for NUnit{1,2} tasks. Could be problem for projects like Draco.NET or
CruiseControl.NET which use Nant internally. The rights should be adjustable from
Title: [nant-dev] NUnit security
Hi Martin,
If you have no special need for your service to run under a privileged
account, let it then run with a less privileged account.
Otherwise you can use the built-in .Net runtime security
features:
Let your nant script copy everithing you
AIL PROTECTED]>
Sent: Wednesday, September 10, 2003 5:25 PM
Subject: Re: [nant-dev] NUnit security
> How is this more risky than running the code you are actually testing?
Isn't
> the real code and the test code written by the same group?
>
> --- Martin Aliger <[EMAIL PROTECT
How is this more risky than running the code you are actually testing? Isn't
the real code and the test code written by the same group?
--- Martin Aliger <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> I found serious security problem. My build server, which use NAnt
> internally, runs as windows servi
Hi all,
I found serious security problem. My build server, which use NAnt
internally, runs as windows service (as all build servers I know runs). This
service runs as priviliged user. Nothing wrong with that unless you run
test-cases with NUnit. It runs user code, which could contain maligious
tes