On Tue, Jul 28, 2015 at 10:16PM, Branko Čibej wrote:
> On 28.07.2015 21:36, Dmitriy Setrakyan wrote:
> >>> Cos, we are not talking about checking binaries. We are planning to
> >>> support GIT/SVN/etc repositories with a POM file. This way we simply
> >>> build it using maven ourselves and deploy it.
> >> Well, even worse IMO. Why would you want to run an external build
> >> process as a part of the node's deployment? This will pose a security
> >> risk in the production deployment and you will have to find a way to
> >> disable this in some cases and allow it in others, no?
> >>
> > Our Docker container right now does exactly that. The workflow is as
> > follows:
> >
> > 1. user changes code in a GIT repo
> > 2. the GIT repo is provided as a parameter at docker container startup
> > 3. docker builds the code and deploys it into Ignite
> > 4. docker starts an Ignite server
> >
> > This is very convenient for a user, especially during development. What I
> > wanted to do with the "deploy(...)" method is add the same level of
> > convenience directly from client code.
>
> It's very convenient for users not to set a password on their computer
> or mobile device, too.
>
> > Why do you think it will be a security risk?
>
> It's called a remote code execution exploit. Anyone who has write access
> to the repo (i.e., anyone who can hack in) can change the deployed code
> and DOS your whole cluster.
The situation gets even worse when you allow the deployment from a build;
worse still - running the build inside the node's deployment logic.

Cos
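The clone-build-deploy workflow Dmitriy describes above, as an added example that is not from this thread and not the code of Ignite's Docker image: a POSIX sh container entrypoint that keeps the convenience but removes the two things Branko and Cos object to, by refusing mutable refs (a branch or tag name that anyone with write access can move) and by making the build step an explicit opt-in rather than the default. The variable names GIT_REPO, GIT_COMMIT, ALLOW_REMOTE_BUILD and DEPLOY_DIR, the default deploy directory and the "run" argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread or from Ignite's Docker image.
# Entrypoint for the "clone a repo, build it, deploy it, start the node"
# workflow, with the build step pinned and opt-in.
# Assumed inputs (names chosen for this example):
#   GIT_REPO           clone URL
#   GIT_COMMIT         full 40-hex commit hash to build
#   ALLOW_REMOTE_BUILD must be "1" to build at all (development only)
#   DEPLOY_DIR         where built jars are copied (default assumed below)

# A branch or tag name can be moved by anyone with write access to the
# repo, so a node that builds "master" at startup runs whatever is there
# at that moment. Accept only a full commit hash, which names exactly one
# immutable tree. The character set is spelled out to avoid locale-dependent
# bracket ranges.
is_full_commit_hash() {
  case "$1" in
    *[!0123456789abcdef]* | '') return 1 ;;
  esac
  [ "${#1}" -eq 40 ]
}

# The build itself executes arbitrary code (Maven plugins, test phases),
# so it stays off unless the deployment explicitly turns it on.
build_allowed() {
  [ "${ALLOW_REMOTE_BUILD:-0}" = "1" ]
}

# Returns 0 on success, 2 for a mutable ref, 3 when builds are disabled,
# 4 if the checked-out commit is not the requested one, 1 on tool errors.
fetch_and_build() {
  repo=$1 commit=$2 dest=${3:-/opt/ignite/libs}
  is_full_commit_hash "$commit" || { echo "refusing mutable ref: $commit" >&2; return 2; }
  build_allowed || { echo "remote build is disabled in this deployment" >&2; return 3; }
  workdir=$(mktemp -d) || return 1
  git clone -q "$repo" "$workdir/src" || return 1
  git -C "$workdir/src" checkout -q "$commit" || return 1
  # Confirm that what is about to be built is exactly the pinned commit.
  [ "$(git -C "$workdir/src" rev-parse HEAD)" = "$commit" ] || return 4
  # -o (offline): no plugin or dependency downloads at deploy time, so the
  # build uses only what is already in the image's local Maven repository.
  (cd "$workdir/src" && mvn -q -o -DskipTests package) || return 1
  mkdir -p "$dest" && cp "$workdir"/src/target/*.jar "$dest"/
}

# Only acts when invoked as "entrypoint.sh run"; sourcing the file just
# defines the functions.
if [ "${1:-}" = "run" ]; then
  fetch_and_build "${GIT_REPO:-}" "${GIT_COMMIT:-}" "${DEPLOY_DIR:-/opt/ignite/libs}" || exit $?
  # the Ignite server start would follow here
fi
```

Pinning to a commit hash narrows what an attacker with repo write access can change to nothing: the hash has to be supplied out of band by the operator, so pushing to the repo no longer alters what the cluster runs. It does not make the build step safe in itself, which is why the opt-in flag is separate; in production the image should ship prebuilt artifacts and leave ALLOW_REMOTE_BUILD unset.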