<div dir="ltr">I think that the best way to secure a buildbot in a MITM sensitive network (i.e internet) is to setup a VPN between slaves and masters<div><br></div><div>I have some vague recall that somebody claimed was doing it.</div><div><br></div><div>Pierre</div></div><br><div class="gmail_quote"><div dir="ltr">Le jeu. 5 nov. 2015 à 14:55, Dustin J. Mitchell <<a href="mailto:dustin@v.igoro.us">dustin@v.igoro.us</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div>(dropping botherders)<br><br></div>"Security" is a pretty general term -- I don't think we can squeeze everything which someone might want to find in a search for "Buildbot security" onto that page! The page is intended to document our security incident response process.<br><br></div>The master/slave protocol is probably what you're looking for in this case:<br> <a href="http://docs.buildbot.net/latest/developer/master-slave.html" target="_blank">http://docs.buildbot.net/latest/developer/master-slave.html</a><br><br></div><div>The protocol is "Perspective Broker" (a Twisted RPC protocol) and by default it is over a cleartext channel. Since slaves authenticate to masters, the risk from a password disclosure is that the master would provide some private information to the slave which could be intercepted. A MITM is also possible, in which case the slave could be made to execute arbitrary code (that being its purpose in life). Both attacks can be mitigated by using TLS, although this is not trivial to configure, particularly if you want to perform proper certificate validation.<br></div><div><br></div>Dustin<br></div><div class="gmail_extra"><br><div class="gmail_quote"></div></div><div class="gmail_extra"><div class="gmail_quote">On Wed, Nov 4, 2015 at 10:55 PM, Bill Deegan <span dir="ltr"><<a href="mailto:bill@baddogconsulting.com" target="_blank">bill@baddogconsulting.com</a>></span> wrote:<br></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Nathan,<br><br></div>Thanks for the feedback, though most likely it'd be better if you sent the buildbot users mailing list<br><a href="https://lists.buildbot.net/mailman/listinfo/users" target="_blank">https://lists.buildbot.net/mailman/listinfo/users</a><br><br></div><div>The botherders mailing list is really mean for use in managing the buildbot project, and coordinating the botherders (like board members for the project).<br><br></div><div>Thanks,<br></div>-Bill<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 4, 2015 at 1:32 PM, Nathan Wilcox <span dir="ltr"><<a href="mailto:nathan@leastauthority.com" target="_blank">nathan@leastauthority.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>I'm a one week old buildbot user, and I've only read the tutorial and parts of the manual specific to ``master.cfg``. I recall that a ``BuildSlave`` takes a password, but I'm not sure what kind of connection/protocol transmits those credentials, or commands from the master to the slave. So I searched for "buildbot security".<br></div><div><br>For my particular filter bubble on this particular day, a google search of "buildbot security" [1] returns the "security" page on the trac wiki for buildbot [2].<br><br></div><div>If that wiki page either contained a quick summary of the security model, or (better, IMO) links to the relevant sections in the official docs, then people who take this route would find that information.<br><br>[1] <a href="https://www.google.com/search?q=buildbot+security&ie=utf-8&oe=utf-8" target="_blank">https://www.google.com/search?q=buildbot+security&ie=utf-8&oe=utf-8</a><br clear="all"><div>[2] <a href="http://trac.buildbot.net/wiki/Security" target="_blank">http://trac.buildbot.net/wiki/Security</a><span><font color="#888888"><br><br></font></span></div><span><font color="#888888"><span><font color="#888888"><div><br>-- <br><div><div dir="ltr"><div>Nathan Wilcox<br>Least Authoritarian<br><br>email: <a href="mailto:nathan@leastauthority.com" target="_blank">nathan@leastauthority.com</a><br>twitter: @least_nathan<br></div></div></div>
</div></font></span></font></span></div></div><span><font color="#888888">
<br>_______________________________________________<br>
botherders mailing list<br>
<a href="mailto:botherders@buildbot.net" target="_blank">botherders@buildbot.net</a><br>
<a href="https://lists.buildbot.net/mailman/listinfo/botherders" rel="noreferrer" target="_blank">https://lists.buildbot.net/mailman/listinfo/botherders</a><br></font></span></blockquote></div><br></div>
<br>_______________________________________________<br></blockquote></div></div><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
users mailing list<br>
<a href="mailto:users@buildbot.net" target="_blank">users@buildbot.net</a><br>
<a href="https://lists.buildbot.net/mailman/listinfo/users" rel="noreferrer" target="_blank">https://lists.buildbot.net/mailman/listinfo/users</a><br></blockquote></div><br></div>
_______________________________________________<br>
users mailing list<br>
<a href="mailto:users@buildbot.net" target="_blank">users@buildbot.net</a><br>
<a href="https://lists.buildbot.net/mailman/listinfo/users" rel="noreferrer" target="_blank">https://lists.buildbot.net/mailman/listinfo/users</a></blockquote></div>