1. Set up security configuration for Anonymous user with no rights for building jobs, but with rights for reading jobs.
2. Create a pipeline with another user (eg: user FOO) that has all rights and trigger a pipeline build with user FOO.
3. Logout from user FOO. You are now as Anonymous user. Enter the pipeline view and press the trigger button for a build (not the run button from the upside of the pipeline view, but the trigger button from a finished build).
4. The build will start even if the Anonymous user has no rights to start a build.

Expectations: the build should not start or, better, the trigger button should not be visible if a user has no rights to build a job