Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-20204

Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Blocker Blocker
    • core
    • All platforms where you can use at least Java web start to get a slave node connected, and Java 7 update 45 installed.

      Since I have installed Java 7 update 45 on our test slaves I get the following security warning:

      Running applications by UNKNOWN publishers will be blocked in a future release because it is potentially unsafe and a security risk.

      This application will be blocked in a future Java security update because the JAR file manifest does not contain the Permissions attribute. Please contact the Publisher for more information.

      It looks like that the .jar file(s) do not contain a permissions attribute, which would let slaves connect to the master in the future. In our case we connect slaves via Java web start.

      As of now it is not a hard-blocker and you can click through and accept. But I think that this should be fixed soon.

          [JENKINS-20204] Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file

          Henrik Skupin created issue -
          illenseer made changes -
          Priority Original: Major [ 3 ] New: Blocker [ 1 ]
          Henrik Skupin made changes -
          Summary Original: Future releases of Java 7 will block connecting slaves due to no permissions attribute in the JAR file New: Latest release of Java 7 blocks the connection to slaves due to no permissions attribute in the JAR file
          Stuart Smith made changes -
          Link New: This issue is related to JENKINS-21570 [ JENKINS-21570 ]
          illenseer made changes -
          Assignee New: Kohsuke Kawaguchi [ kohsuke ]
          Henrik Skupin made changes -
          Labels New: security
          Kohsuke Kawaguchi made changes -
          Link New: This issue is duplicated by JENKINS-22374 [ JENKINS-22374 ]
          SCM/JIRA link daemon made changes -
          Resolution New: Fixed [ 1 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Jesse Glick made changes -
          Labels Original: security New: jnlp security
          Oliver Gondža made changes -
          Labels Original: jnlp security New: jnlp lts-candidate security

            kohsuke Kohsuke Kawaguchi
            whimboo Henrik Skupin
            Votes:
            19 Vote for this issue
            Watchers:
            34 Start watching this issue

              Created:
              Updated:
              Resolved: