On Dec 17, 2010, at 11:53 AM, Leandro Pereira wrote: > On Thu, Dec 16, 2010 at 3:05 PM, William Siegrist <wsiegr...@apple.com> wrote: >> Our buildbot allows for anonymous people to trigger things on the slaves, >> and it is like this on purpose for ease of use. However, that means it is >> possible for a malicious person to do things like shutdown all of the >> slaves. That is what happened last night around 10:30pm PST, from >> 66.57.13.12, and that is why the slaves are offline. > > Something weird happened when the EFL slave was shut down. > > It runs as an unprivileged user, but for some reason, the log file > (twisted.log) and various other files inside the SVN checkout were > owned by root. I initially thought the other admin restarted the > buildslave service as root by mistake, but this isn't the case. > > I've fixed the permissions and the buildslave is up and running again, > but I'm still a bit worried about this. chkrootkit does not ring any > bells, and disk corruption is unlikely as this is both pontual and the > slave is an Amazon EC2 instance. Quick searches on Google didn't > return anything useful, so I ask: have things like this happened > before? >
No, it sounds like buildbot was run as root at some point. Maybe the owner(s) of the other slaves can chime in about this happening. -Bill _______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev