Slave build ID should not be used for much at all
Bug #549907 reported by
William Grant
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Launchpad itself |
Fix Released
|
Low
|
William Grant | ||
Bug Description
The slave build ID is not trustworthy -- anybody can easily compromise a slave and make it return whatever build ID they want. But it's currently used in lots of buildd-manager logging, which is confusing and potentially unsafe.
Nothing should touch slave build IDs except dispatchBuildTo
Related branches
lp://staging/~wgrant/launchpad/bug-549907-stop-using-slave-build-id
- Michael Nelson (community): Approve (code)
- Jelmer Vernooij (community): Approve (code*)
-
Diff: 179 lines (+21/-22)5 files modifiedlib/lp/buildmaster/model/buildbase.py (+5/-4)
lib/lp/buildmaster/model/builder.py (+3/-3)
lib/lp/soyuz/doc/buildd-slavescanner.txt (+1/-7)
lib/lp/translations/model/translationtemplatesbuildbehavior.py (+11/-7)
lib/lp/translations/tests/test_translationtemplatesbuildbehavior.py (+1/-1)
| Changed in soyuz: | |
| status: | New → In Progress |
| importance: | Undecided → Low |
| assignee: | nobody → William Grant (wgrant) |
Revision history for this message
| Ursula Junque (ursinha) wrote Bug fixed by a commit | #1 |
| Changed in soyuz: | |
| milestone: | none → 10.04 |
| status: | In Progress → Fix Committed |
| tags: | added: qa-needstesting |
| tags: |
added: qa-ok removed: qa-needstesting |
| Changed in soyuz: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fixed in stable r10654 <http://