[webkit-dev] Build Slave Shutdown
leandro at profusion.mobi
Fri Dec 17 11:53:30 PST 2010
On Thu, Dec 16, 2010 at 3:05 PM, William Siegrist <wsiegrist at apple.com> wrote:
> Our buildbot allows for anonymous people to trigger things on the slaves,
> and it is like this on purpose for ease of use. However, that means it is
> possible for a malicious person to do things like shutdown all of the
> slaves. That is what happened last night around 10:30pm PST, from
> 220.127.116.11, and that is why the slaves are offline.
Something weird happened when the EFL slave was shut down.
It runs as an unprivileged user, but for some reason, the log file
(twisted.log) and various other files inside the SVN checkout were
owned by root. I initially thought the other admin restarted the
buildslave service as root by mistake, but this isn't the case.
I've fixed the permissions and the buildslave is up and running again,
but I'm still a bit worried about this. chkrootkit does not ring any
bells, and disk corruption is unlikely as this is both pontual and the
slave is an Amazon EC2 instance. Quick searches on Google didn't
return anything useful, so I ask: have things like this happened
More information about the webkit-dev