Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
a13402da
Commit
a13402da
authored
Sep 06, 2017
by
Ben Bodenmiller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
clarify that only some Runner Executors have these security concerns
parent
d68ff7f5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
4 additions
and
2 deletions
+4
-2
doc/ci/runners/README.md
doc/ci/runners/README.md
+4
-2
No files found.
doc/ci/runners/README.md
View file @
a13402da
...
@@ -228,7 +228,8 @@ To make a Runner pick tagged/untagged jobs:
...
@@ -228,7 +228,8 @@ To make a Runner pick tagged/untagged jobs:
### Be careful with sensitive information
### Be careful with sensitive information
If you can run a job on a Runner, you can get access to any code it runs
With some
[
Runner Executors
](
https://docs.gitlab.com/runner/executors/README.html
)
,
if you can run a job on the Runner, you can get access to any code it runs
and get the token of the Runner. With shared Runners, this means that anyone
and get the token of the Runner. With shared Runners, this means that anyone
that runs jobs on the Runner, can access anyone else's code that runs on the
that runs jobs on the Runner, can access anyone else's code that runs on the
Runner.
Runner.
...
@@ -237,7 +238,8 @@ In addition, because you can get access to the Runner token, it is possible
...
@@ -237,7 +238,8 @@ In addition, because you can get access to the Runner token, it is possible
to create a clone of a Runner and submit false jobs, for example.
to create a clone of a Runner and submit false jobs, for example.
The above is easily avoided by restricting the usage of shared Runners
The above is easily avoided by restricting the usage of shared Runners
on large public GitLab instances and controlling access to your GitLab instance.
on large public GitLab instances, controlling access to your GitLab instance,
and using more secure
[
Runner Executors
](
https://docs.gitlab.com/runner/executors/README.html
)
.
### Forks
### Forks
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment