From: Theodore Ts'o <tytso@mit.edu>
To: Mark Brown <broonie@kernel.org>
Cc: ksummit-discuss@lists.linuxfoundation.org
Subject: Re: [Ksummit-discuss] [CORE TOPIC] services needed from kernel.org infrastructure
Date: Wed, 8 Jul 2015 10:01:55 -0400 [thread overview]
Message-ID: <20150708140155.GA20551@thunk.org> (raw)
In-Reply-To: <20150708093511.GL11162@sirena.org.uk>
On Wed, Jul 08, 2015 at 10:35:11AM +0100, Mark Brown wrote:
>
> I think the only barrier here is someone writing some tooling that is
> sufficiently useful and generic enough to work for people. I know I
> wrote my scripts mainly because none of the scripts I could find tie in
> with my workflow (mainly around figuring out which branches in my local
> tree correspond to branches on the server and syncing them up). If
> there'd been something I could just pick up I'd have happily done so.
Yeah, your concerns mirror mine:
1) It will require a lot of configuration --- just because a commit
shows up on a branch does not mean it is guaranteed that it will hit
mainline. In fact, a maintainer might push a commit onto a throwaway
branch on kernel.org just so that the zero-day testing systems can
give the commit a spin. So that means it's not just enough to throw a
bunch of git hook scripts on master.kernel.org, because maintainers
will need to have to configure, if not customize, them.
This leads to my second concern which is:
2) Having shell scripts run on master.kernel.org can be a significant
security concern; this is *especially* true if customization or
configuration is required.
> > This would be caught immediately if it's properly maintained "project".
>
> Or alternatively would allow people to quickly attack a large number of
> developers :)
Indeed.
- Ted
next prev parent reply other threads:[~2015-07-08 14:02 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-07-07 20:42 Jiri Kosina
2015-07-07 22:40 ` Mark Brown
2015-07-07 22:52 ` Dmitry Torokhov
2015-07-08 2:16 ` Greg KH
2015-07-08 8:02 ` Jiri Kosina
2015-07-08 9:35 ` Mark Brown
2015-07-08 14:01 ` Theodore Ts'o [this message]
2015-07-08 14:36 ` Jason Cooper
2015-07-08 14:40 ` Jiri Kosina
2015-07-08 15:00 ` Greg KH
2015-07-12 12:55 ` Fengguang Wu
2015-07-13 16:22 ` Steven Rostedt
2015-07-14 13:07 ` Fengguang Wu
2015-07-08 14:59 ` Greg KH
2015-07-08 15:08 ` Jiri Kosina
2015-07-08 15:42 ` Steven Rostedt
2015-07-07 22:53 ` josh
2015-07-08 7:35 ` Jiri Kosina
2015-07-08 13:05 ` Jason Cooper
2015-07-07 23:31 ` Andy Lutomirski
2015-07-07 23:37 ` Guenter Roeck
2015-07-07 23:38 ` Andy Lutomirski
2015-07-08 8:01 ` Geert Uytterhoeven
2015-07-08 7:31 ` James Bottomley
2015-07-08 13:25 ` Konstantin Ryabitsev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150708140155.GA20551@thunk.org \
--to=tytso@mit.edu \
--cc=broonie@kernel.org \
--cc=ksummit-discuss@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox