[Gluster-infra] routinely updates for build.gluster.org?

Kaleb KEITHLEY kkeithle at redhat.com
Thu Jan 16 14:23:54 UTC 2014

Yesterday, as some of you know, I updated the kernel on 
build.gluster.org to resolve an issue with tcp connectivity from vm guests.

In the process of doing that I talked to one or two other people who all 
expressed concern that it hasn't been routinely updated. (A concern I 
share.) The chief concern is that we might be vulnerable to being rooted 
— as happened last year to the old download.gluster.com machine.

As we're getting ready to create an ssh-tunnel connection between 
build.gluster.org and internal lab machines, that connection could be a 
vector for hackers to gain access to other machines on Red Hat's 
internal network.

We need to routinely update build.gluster.org, download.gluster.org, 
probably bits.gluster.org (I don't have shell access, so can't confirm), 
and probably any other machines we have out there (what else is there?)



More information about the Gluster-infra mailing list