diff options
author | Matija Čupić <matteeyah@gmail.com> | 2019-07-26 19:54:00 +0200 |
---|---|---|
committer | Matija Čupić <matteeyah@gmail.com> | 2019-07-29 12:19:53 +0200 |
commit | defe2eaa80ae1635747acaa875579267bc43a316 (patch) | |
tree | 4a73b0f0ae6c9f8c5a598065f4f3492180a0a27f /doc/ci | |
parent | 51a54cfc76de1c482e246619f0ae75d1ee419a72 (diff) | |
download | gitlab-ce-defe2eaa80ae1635747acaa875579267bc43a316.tar.gz |
Document Code Quality potential security flawmc/doc/document-codeclimate-security-best-practice-docs
Diffstat (limited to 'doc/ci')
-rw-r--r-- | doc/ci/examples/code_quality.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/ci/examples/code_quality.md b/doc/ci/examples/code_quality.md index 43f773dab7c..e63470ec9d9 100644 --- a/doc/ci/examples/code_quality.md +++ b/doc/ci/examples/code_quality.md @@ -34,6 +34,12 @@ For [GitLab Starter][ee] users, this information will be automatically extracted and shown right in the merge request widget. [Learn more on Code Quality in merge requests](../../user/project/merge_requests/code_quality.md). +CAUTION: **Caution:** +On self-managed instances, if a malicious actor compromises the Code Quality job +definition they will be able to execute privileged docker commands on the Runner +host. Having proper access control policies mitigates this attack vector by +allowing access only to trusted actors. + ## Previous job definitions CAUTION: **Caution:** |