[Gluster-infra] routinely updates for build.gluster.org?
kkeithle at redhat.com
Thu Jan 16 14:23:54 UTC 2014
Yesterday, as some of you know, I updated the kernel on
build.gluster.org to resolve an issue with tcp connectivity from vm guests.
In the process of doing that I talked to one or two other people who all
expressed concern that it hasn't been routinely updated. (A concern I
share.) The chief concern is that we might be vulnerable to being rooted
— as happened last year to the old download.gluster.com machine.
As we're getting ready to create an ssh-tunnel connection between
build.gluster.org and internal lab machines, that connection could be a
vector for hackers to gain access to other machines on Red Hat's
We need to routinely update build.gluster.org, download.gluster.org,
probably bits.gluster.org (I don't have shell access, so can't confirm),
and probably any other machines we have out there (what else is there?)
More information about the Gluster-infra