basic security related question
Udo Rader
we are in the process of evaluating wether Jenkins will fit our intended
security restrictions.
Our intended - simplified - flow of events for an integration build will
be like this:
1. user checks in some changes into our SVN repo
2. jenkins polls SVN
3. if jenkins has detected a change, it checks out the project and
starts to build it using maven
4. jenkins or maven tags the build and makes it available to authorized
users
Now I understand that I can configure users in jenkins that can have
certain access permissions within jenkins, so that is not our concern.
Furthermore I understand that we can have multiple SVN URLs that are
accessed using configurable accounts.
What I miss however is restriction for the maven build process. As far
as I understood maven integration into jenkins, it invokes maven using
the jenkins system daemon user. And that is exactly where our headache
starts.
Running maven as the jenkins system daemon user means that this very
user must have excessive rights on our entire infrastructure such as
SVN, because it needs to have access to all resources that any project
might have. So for example it needs to have extensive to check out or
tag stuff from/in our SVN or access anything on our archiva repository
server.
So now the question is if I can change the user used to run the maven
process on a per project basis. Otherwise I see a problem because a
build process for a very restricted project will have access to any
other "top secret" resource because the build process has far too many
rights.
And if that is not possible, how then do others ensure that the maven
build processes don't compromize the build server and further
infrastructure?
Regards
Udo Rader