Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

what is the purpose of --no-command-eval? #913

Closed
nhooyr opened this issue Feb 11, 2019 · 3 comments
Closed

what is the purpose of --no-command-eval? #913

nhooyr opened this issue Feb 11, 2019 · 3 comments

Comments

@nhooyr
Copy link

nhooyr commented Feb 11, 2019

Can't someone just evaluate things in a script? What value does this option add?
@toolmantim
Copy link
Contributor

Commands are sourced from the BK instructions, whereas scripts are sourced from your repository. In the case of a malicious job instruction from Buildkite, the option provides a layer of defense. Does that make it clear?

@nhooyr
Copy link
Author

nhooyr commented Feb 17, 2019

Not clear to me. Could you provide an example of the protection it adds?

@toolmantim
Copy link
Contributor

I’ll try to clarify! This option doesn’t provide any protection for people with repository access… like you said, they can just change the executable scripts.

This option is usually used alongside the other options and techniques (e.g. hooks that do whitelisting), when you’re trying to ensure that only things that have been sourced from your repositories are being executed (and not arbitrary commands defined only in Buildkite or by a malicious third party).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@toolmantim @nhooyr