----- Original Message -----
Sent: Wednesday, September 10, 2003 6:11
PM
Subject: RE: [nant-dev] NUnit
security
Hi Martin,
If you have no special need for your service to run under a privileged
account, let it then run with a less privileged account.
Otherwise you can use the built-in .Net runtime security
features:
Let your nant script copy everithing you need to a special folder (incl
Nunit assemblies).
& configure the .Net runtime on the build server so that everithing
that is runned from this folder is granted less privileges.
If your running W*S go to the administrative tools, .net Framework
Configuration
Runtime Security policy>Machine> code groups > all Code >
My_computer_zone & make a new code group who's
condition types is url and use "
file://some directory/*.*" & the choose the
permission set you want to use. (this can be done via the cmd line
caspol)
Hope this helps.
Yves
-----Oorspronkelijk bericht-----
Van: Martin
Aliger [mailto:[EMAIL PROTECTED]
Verzonden: wo 9/10/2003
4:43 PM
Aan: ! nant
CC:
Onderwerp:
[nant-dev] NUnit security
Hi all,
I found serious security problem. My build
server, which use NAnt
internally, runs as windows service (as all build
servers I know runs). This
service runs as priviliged user. Nothing wrong
with that unless you run
test-cases with NUnit. It runs user code, which
could contain maligious
tests... It is not big problem for us, since I
trust my
coleagues, but it could be problem in some
scenarios.
What about limit somehow permitions in NUnitTask? Or is
something done in
NUnit
itself?
Regards,
Martin
-------------------------------------------------------
This
sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
nant-developers
mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/nant-developers
