Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11323

dist-fork allows me too much privilege

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • distfork-plugin
    • None

      Quoting from #jenkins:
      [19:21] <sanga> we have a bunch of nodes running on windows boxes. where the node-agent is running with System rights.
      [19:22] <sanga> and our jenkins instance has the following security policy: anonymous users are allowed to run a build but you need to authenticate (and have the appropriate privileges) to configure a job
      [19:23] <sanga> however, with the dist-fork plugin I am able to run: "....dist-fork cmd"
      [19:23] <sanga> which will give me a terminal shell with system rights on the node
      [19:23] <sanga> without needing to authenticate...
      [19:25] <sanga> it seems to me that dist-fork is currently handled (in terms of access rights) as a job "run"
      [19:25] <sanga> whereas it should be handled as a job "configure"

            Unassigned Unassigned
            sanga sanga
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: