Re: [nant-dev] NUnit security

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

How is this more risky than running the code you are actually testing?  Isn't
the real code and the test code written by the same group?

--- Martin Aliger <mar...@go...> wrote:
> Hi all,
> 
> I found serious security problem. My build server, which use NAnt
> internally, runs as windows service (as all build servers I know runs). This
> service runs as priviliged user. Nothing wrong with that unless you run
> test-cases with NUnit. It runs user code, which could contain maligious
> tests... It is not big problem for us, since I trust my
> coleagues, but it could be problem in some scenarios.
> 
> What about limit somehow permitions in NUnitTask? Or is something done in
> NUnit itself?
> 
> Regards,
> Martin
> 
> 
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> nant-developers mailing list
> nan...@li...
> https://lists.sourceforge.net/lists/listinfo/nant-developers