
Feature #15981

Feature #15798: Jenkins access for new FT members

Define security policy for access that gives arbitrary code execution on the Tails infrastructure

Added by intrigeri 24 days ago. Updated 10 days ago.

Status: In Progress
Priority: Normal
Assignee:
Category: Continuous Integration
Target version:
Start date: 09/26/2018
Due date:
% Done: 50%
QA Check:
Feature Branch:
Type of work: Communicate
Blueprint:
Starter:
Affected tool:

Description

We have no security policy defined for access to the Jenkins web UI and for sending branches to Jenkins. Do we need one? If yes, what shall it be?


Related issues

Blocks Tails - Feature #13284: Core work 2017Q2→2019Q2: Sysadmin (Adapt our infrastructure) Confirmed 06/30/2017

History

#1 Updated by intrigeri 24 days ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from intrigeri to groente
  • % Done changed from 0 to 30
  • QA Check set to Ready for QA

For #15798 I've analyzed potential consequences of the attacker taking control over Jenkins or one of its worker VMs. And then I did some work to make lateral movement harder for such an attacker. IMO the result is good enough to give FT members access to Jenkins without any specific security policy.

#2 Updated by intrigeri 24 days ago

  • Subject changed from Define security policy for access to Jenkins to Define security policy for access that give arbitrary code exec on a lizard VM
  • Assignee changed from groente to intrigeri
  • QA Check changed from Ready for QA to Dev Needed

Actually, some service admins already have SSH access to a lizard VM => let's generalize this ticket.

#3 Updated by intrigeri 24 days ago

  • Blocks Feature #13284: Core work 2017Q2→2019Q2: Sysadmin (Adapt our infrastructure) added

#4 Updated by intrigeri 24 days ago

  • Subject changed from Define security policy for access that give arbitrary code exec on a lizard VM to Define security policy for access that give arbitrary code execution on the Tails infrastructure

#5 Updated by intrigeri 24 days ago

  • Subject changed from Define security policy for access that give arbitrary code execution on the Tails infrastructure to Define security policy for access that gives arbitrary code execution on the Tails infrastructure

#6 Updated by intrigeri 24 days ago

  • % Done changed from 30 to 50
  • QA Check deleted (Dev Needed)

We've designed (thanks groente!) and drafted a security policy in sysadmin.git. I'll now send it to everyone who already has such access and we'll see what comes out from it. If those who are waiting in line for Jenkins access satisfy that policy, I'll give them access.

#8 Updated by intrigeri 24 days ago

  • Type of work changed from Sysadmin to Communicate

#9 Updated by intrigeri 10 days ago

  • Target version changed from Tails_3.10 to Tails_3.11

2 weeks later, I've pinged everyone who did not reply yet. I'll come back to it in ~2 more weeks.
