[users at bb.net] Improvement request for "security" wiki page.

Pierre Tardy tardyp at gmail.com
Thu Nov 5 16:26:58 UTC 2015


I think that the best way to secure a buildbot in a MITM-sensitive network
(i.e. the internet) is to set up a VPN between slaves and masters.

I have some vague recall that somebody claimed to be doing it.

Pierre

On Thu, 5 Nov 2015 at 14:55, Dustin J. Mitchell <dustin at v.igoro.us>
wrote:

> (dropping botherders)
>
> "Security" is a pretty general term -- I don't think we can squeeze
> everything which someone might want to find in a search for "Buildbot
> security" onto that page!  The page is intended to document our security
> incident response process.
>
> The master/slave protocol is probably what you're looking for in this case:
>   http://docs.buildbot.net/latest/developer/master-slave.html
>
> The protocol is "Perspective Broker" (a Twisted RPC protocol) and by
> default it is over a cleartext channel.  Since slaves authenticate to
> masters, the risk from a password disclosure is that the master would
> provide some private information to the slave which could be intercepted.
> A MITM is also possible, in which case the slave could be made to execute
> arbitrary code (that being its purpose in life).  Both attacks can be
> mitigated by using TLS, although this is not trivial to configure,
> particularly if you want to perform proper certificate validation.
>
> Dustin
>
> On Wed, Nov 4, 2015 at 10:55 PM, Bill Deegan <bill at baddogconsulting.com>
> wrote:
>
>> Nathan,
>>
>> Thanks for the feedback, though most likely it'd be better if you sent
>> this to the buildbot users mailing list
>> https://lists.buildbot.net/mailman/listinfo/users
>>
>> The botherders mailing list is really meant for use in managing the
>> buildbot project, and coordinating the botherders (like board members for
>> the project).
>>
>> Thanks,
>> -Bill
>>
>> On Wed, Nov 4, 2015 at 1:32 PM, Nathan Wilcox <nathan at leastauthority.com>
>> wrote:
>>
>>> I'm a one week old buildbot user, and I've only read the tutorial and
>>> parts of the manual specific to ``master.cfg``. I recall that a
>>> ``BuildSlave`` takes a password, but I'm not sure what kind of
>>> connection/protocol transmits those credentials, or commands from the
>>> master to the slave. So I searched for "buildbot security".
>>>
>>> For my particular filter bubble on this particular day, a google search
>>> of "buildbot security" [1] returns the "security" page on the trac wiki for
>>> buildbot [2].
>>>
>>> If that wiki page either contained a quick summary of the security
>>> model, or (better, IMO) links to the relevant sections in the official
>>> docs, then people who take this route would find that information.
>>>
>>> [1] https://www.google.com/search?q=buildbot+security&ie=utf-8&oe=utf-8
>>> [2] http://trac.buildbot.net/wiki/Security
>>>
>>>
>>> --
>>> Nathan Wilcox
>>> Least Authoritarian
>>>
>>> email: nathan at leastauthority.com
>>> twitter: @least_nathan
>>>
>>> _______________________________________________
>>> botherders mailing list
>>> botherders at buildbot.net
>>> https://lists.buildbot.net/mailman/listinfo/botherders
>>>
>>
>>
>> _______________________________________________
>> users mailing list
>> users at buildbot.net
>> https://lists.buildbot.net/mailman/listinfo/users
>>
>
> _______________________________________________
> users mailing list
> users at buildbot.net
> https://lists.buildbot.net/mailman/listinfo/users
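Dustin's point above (PB is cleartext by default; TLS fixes both the credential-disclosure and the MITM case, but only if certificate validation is actually done) in worked form. This is an added example, not code from the thread or from Buildbot: it builds a throwaway private CA, issues certificates for the master and one slave, mints a self-signed impostor certificate that merely claims the master's name (what an interceptor can do at will), shows the two checks a validating peer must perform, and writes stunnel service definitions that wrap the PB port in mutually authenticated TLS without changing Buildbot at all. The hostnames, the slave name, the TLS port 9990, the file paths, and the choice of stunnel are assumptions; 9989 is Buildbot's default PB port. Only openssl is required to run it; stunnel is configured, not started.

```shell
#!/bin/sh
# Added example, not Buildbot's own code. Private CA, master and slave
# certs, an impostor cert with the master's name, a validation check,
# and stunnel configs that wrap cleartext Perspective Broker in TLS.
# Hostnames, slave name, paths, stunnel and the TLS port are assumptions.
set -eu

MASTER_HOST=master.example.internal   # assumed buildmaster hostname
SLAVE_NAME=slave01                     # assumed name of one buildslave
PB_PORT=9989                           # Buildbot's default PB port
TLS_PORT=9990                          # assumed TLS listener on the master

# CA with explicit basicConstraints/keyUsage via a tiny config, so the
# result is a usable CA regardless of the system openssl.cnf.
make_ca() {
    d=$1
    printf '[req]\ndistinguished_name = dn\n[dn]\n[ca_ext]\n' > "$d/ca.cnf"
    printf 'basicConstraints = critical,CA:TRUE\n' >> "$d/ca.cnf"
    printf 'keyUsage = critical,keyCertSign,cRLSign\n' >> "$d/ca.cnf"
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 30 \
        -config "$d/ca.cnf" -extensions ca_ext -subj "/CN=buildbot-private-ca" \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null
}

# Leaf cert for NAME signed by the CA in D, with NAME as a DNS SAN so a
# hostname check has something to match against.
issue_cert() {
    d=$1; name=$2
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=$name" -keyout "$d/$name.key" -out "$d/$name.csr" 2>/dev/null
    printf 'subjectAltName=DNS:%s\n' "$name" > "$d/$name.ext"
    openssl x509 -req -in "$d/$name.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
        -CAcreateserial -days 30 -extfile "$d/$name.ext" \
        -out "$d/$name.crt" 2>/dev/null
}

# Whole PKI plus the MITM case: a self-signed cert bearing the master's CN.
make_pki() {
    pki=$1
    make_ca "$pki"
    issue_cert "$pki" "$MASTER_HOST"
    issue_cert "$pki" "$SLAVE_NAME"
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 30 -config "$pki/ca.cnf" \
        -subj "/CN=$MASTER_HOST" -keyout "$pki/mitm.key" -out "$pki/mitm.crt" 2>/dev/null
}

# "Proper certificate validation": cert $2 must chain to CA $1 AND carry
# hostname $3. Exit status 0 only when both hold.
verify_peer() {
    openssl verify -CAfile "$1" -verify_hostname "$3" "$2" >/dev/null 2>&1
}

# stunnel services. Without CAfile/verify (stunnel's defaults) the tunnel
# encrypts but does not authenticate, so mitm.crt would be accepted;
# verify = 2 plus checkHost on the slave side closes that gap.
write_stunnel_confs() {
    out=$1
    cat > "$out/stunnel-master.conf" <<EOF
; on the buildmaster: TLS in from slaves, cleartext PB to the local master
[buildbot-pb]
accept  = $TLS_PORT
connect = 127.0.0.1:$PB_PORT
cert    = $out/$MASTER_HOST.crt
key     = $out/$MASTER_HOST.key
CAfile  = $out/ca.crt
verify  = 2
EOF
    cat > "$out/stunnel-slave.conf" <<EOF
; on each buildslave: the slave keeps connecting to 127.0.0.1:$PB_PORT
[buildbot-pb]
client  = yes
accept  = 127.0.0.1:$PB_PORT
connect = $MASTER_HOST:$TLS_PORT
cert    = $out/$SLAVE_NAME.crt
key     = $out/$SLAVE_NAME.key
CAfile  = $out/ca.crt
verify  = 2
checkHost = $MASTER_HOST
EOF
}

demo() {
    work=$(mktemp -d)
    make_pki "$work"
    write_stunnel_confs "$work"
    if verify_peer "$work/ca.crt" "$work/$MASTER_HOST.crt" "$MASTER_HOST"; then
        echo "genuine master cert: accepted"
    fi
    if ! verify_peer "$work/ca.crt" "$work/mitm.crt" "$MASTER_HOST"; then
        echo "impostor cert (right name, wrong issuer): rejected"
    fi
    if ! verify_peer "$work/ca.crt" "$work/$SLAVE_NAME.crt" "$MASTER_HOST"; then
        echo "slave cert presented as master (right issuer, wrong name): rejected"
    fi
    echo "PKI and stunnel configs written under $work"
}

demo
```

The slave side then talks plain PB to 127.0.0.1:9989 exactly as before, and stunnel carries it to the master's TLS listener; the master's stunnel only accepts clients whose certificate chains to the private CA, and the slave's stunnel only accepts a master certificate that both chains to that CA and names the expected host. The third check in `demo` is the one people forget: a certificate from the right CA but with the wrong name must still be refused, or any compromised slave could impersonate the master to the others.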