On 02/11/2011, at 7:48 PM, Adam Murdoch wrote:

> On 03/11/2011, at 5:49 AM, Luke Daley wrote:
> 
>> I think we should not use a daemon if it was started by another user. 
> 
> Absolutely. This is GRADLE-1819, and it's near the front of the queue in 
> pivotal.

I've seen that ticket; it wasn't clear to me that this is what it's referring 
to.

>> If System.getProperty("user.name") is trustworthy (and it is AFAIK) it could 
>> be as simple as comparing this on both sides. We have machinery for this now 
>> so it would be trivial to add.
> 
> Depends what we want to protect against. It would help if I accidentally ran 
> gradle -g <some-other-user's-gradle-home-dir>. But it wouldn't protect 
> against a malicious client, which could report whatever user name it liked.

I see this as two separate things. 

1. verifying we are talking to an unmodified daemon (i.e. a gradle daemon 
client that we shipped, with no changes)
2. checking that the user running the daemon process is the same as the user 
running the client process

If we have 1, then 2 (and any other kind of check) seems simple.

> I think we want to start protecting against a malicious client, and do 
> something a bit stronger.


Any ideas how? And are we talking about for 1.0?

-- 
Luke Daley
Principal Engineer, Gradleware 
http://gradleware.com
