为了测试或安全目的,可以在Travis CI上测试漏洞,病毒或危险脚本吗?
例如:
答案 0 :(得分:3)
I think these sections in the Travis CI terms of service are relevant:
Section 4.2: The customer must not interfere or intent to interfere in any manner with the functionality or proper working of Travis CI.
Section 4.5: The customer will indemnify and hold harmless Travis CI, its officers and directors, employees and agents from any and all third party claims, damages, costs and (including reasonable attorneys fees) arising out of the customer’s use of Travis CI in a manner not authorized by this Agreement, and/or applicable law, or the customer’s or it’s employees’ or personnel’s negligence or willful misconduct.
I would think that there is a grey area in demonstrating some security flaws which would not harm the underlying host environment, and do not proceed to exploit the flaw. E.g. demonstrating that a file has incorrect permissions would be harmless, and, I think, consistent with the terms of service. I would think that buffer overflows would be unacceptable, and, as CodeGnome states, not what Travis is for.