On Mar 20, 2014, at 2:24 PM, Chris Kilgour <techie () whiterocker com> wrote:
On 03/20/2014 01:07 PM, Gerald Combs wrote:
If the build system had open access what would keep someone from
uploading a shell script containing a box full of weasels wearing clown
Isn't the same thing true for Jenkins/buildbot spawned from gerrit? Surely the build machines must be
limited/sandboxed to prevent the circus from taking over the town.
Currently, it's limited to building stuff to which at least one core developer is willing to give +2. That requires
human judgement, so it's not as rigid as a hardware/software-implemented sandbox.