Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-11323

dist-fork allows me too much privilege

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • distfork-plugin
    • None

      Quoting from #jenkins:
      [19:21] <sanga> we have a bunch of nodes running on windows boxes. where the node-agent is running with System rights.
      [19:22] <sanga> and our jenkins instance has the following security policy: anonymous users are allowed to run a build but you need to authenticate (and have the appropriate privileges) to configure a job
      [19:23] <sanga> however, with the dist-fork plugin I am able to run: "....dist-fork cmd"
      [19:23] <sanga> which will give me a terminal shell with system rights on the node
      [19:23] <sanga> without needing to authenticate...
      [19:25] <sanga> it seems to me that dist-fork is currently handled (in terms of access rights) as a job "run"
      [19:25] <sanga> whereas it should be handled as a job "configure"

          [JENKINS-11323] dist-fork allows me too much privilege

          sanga created issue -
          Oleg Nenashev made changes -
          Component/s New: distfork [ 15973 ]
          Component/s Original: cli [ 15624 ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 141542 ] New: JNJira + In-Review [ 175500 ]
          Ben Walding made changes -
          Link New: This issue is related to SECURITY-386 [ SECURITY-386 ]
          Jesse Glick made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]

            Unassigned Unassigned
            sanga sanga
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: