[Python-Dev] Buildbot for AIX

Sébastien Sablé sable at users.sourceforge.net
Mon Sep 20 16:34:35 CEST 2010

Hi Martin,

Le 17/09/2010 14:42, "Martin v. Löwis" a écrit :
> If you are having the build slave compile Python, I'd like to point
> out that you *already* run arbitrary shell commands provided by
> some external source: if somebody would check some commands into
> Python's configure.in, you would unconditionally execute them.
> So if it's ok that you run the Python build process at all, it should
> (IMO) also be acceptable to run a build slave.
> If there are concerns that running it under your Unix account gives it
> too much power, you should create a separate, locked-down account.

Someone messing with the configure script in python svn would probably 
get noticed very quickly, but I agree this is also a security risk, and 
the buildbot slave runs with a user with limited privileges.

I will try to convince the IT Team that this is an acceptable risk and 
setup a chroot or something like that for the buildbot slave. That may 
take some time.

Also could you provide me the master.cfg file (with obfuscated 
passwords) that is used by the Python buildbot master or tell me if it 
is in subversion somewhere?
I would like to make my script as close as possible to yours, in order 
to propose a patch for the AIX specific flags that have to be used for 
compilation on this platform when everything will be stable enough.


Sébastien Sablé

More information about the Python-Dev mailing list