Feature #15798: Jenkins access for new FT members
Define security policy for access that gives arbitrary code execution on the Tails infrastructure
We have no security policy defined for access to the Jenkins web UI and for sending branches to Jenkins. Do we need one? If yes, what shall it be?
- Status changed from Confirmed to In Progress
- Assignee changed from intrigeri to groente
- % Done changed from 0 to 30
- QA Check set to Ready for QA
For #15798 I've analyzed potential consequences of an attacker taking control over Jenkins or one of its worker VMs. And then I did some work to make lateral movement harder for such an attacker. IMO the result is good enough to give FT members access to Jenkins without any specific security policy.
- Subject changed from Define security policy for access to Jenkins to Define security policy for access that give arbitrary code exec on a lizard VM
- Assignee changed from groente to intrigeri
- QA Check changed from Ready for QA to Dev Needed
Actually, some service admins already have SSH access to a lizard VM => let's generalize this ticket.
- % Done changed from 30 to 50
- QA Check deleted (
We've designed (thanks groente!) and drafted a security policy in sysadmin.git. I'll now send it to everyone who already has such access and we'll see what comes out of it. If those who are waiting in line for Jenkins access satisfy that policy, I'll give them access.