
Offering access to users with RUN_SCRIPTS is redundant


      Description

      From my reading of the UI and wiki, Scriptler seems to allow people with ADMINISTER to always run scripts, and those with RUN_SCRIPTS to do so only if additionally authorized. If true, this is backwards, as RUN_SCRIPTS is strictly more powerful than ADMINISTER. (And for Scriptler to be useful in a large secured installation, someone with RUN_SCRIPTS needs to be able to offer scripts for use by users who lack either permission.)

      Is this really true, or does the UI just give this false impression? For example

      Allow execution by user with 'RunScripts' permission
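As an added illustration of the permission split the report argues for (a hypothetical plugin, not Scriptler's own code), this shows a Jenkins plugin declaring its own RUN permission implied by ADMINISTER and gating execution on that instead of the global RUN_SCRIPTS, while editing script content stays behind ADMINISTER. The class, URL, permission names and Messages keys are assumptions; the in-memory script store is constructed for the example.

```java
import groovy.lang.GroovyShell;
import hudson.Extension;
import hudson.model.RootAction;
import hudson.security.Permission;
import hudson.security.PermissionGroup;
import hudson.security.PermissionScope;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

@Extension
public class ScriptGateAction implements RootAction {
    // Permission group owned by this (hypothetical) plugin; the Messages keys are assumed to
    // exist in its Messages.properties, from which the Messages class is generated.
    public static final PermissionGroup PERMISSIONS =
            new PermissionGroup(ScriptGateAction.class, Messages._ScriptGate_Permissions());

    // RUN is implied by ADMINISTER, so administrators keep it automatically; granting RUN on
    // its own only lets a user execute scripts an administrator has already stored unchanged.
    public static final Permission RUN = new Permission(PERMISSIONS, "Run",
            Messages._ScriptGate_RunPermission(), Jenkins.ADMINISTER, PermissionScope.JENKINS);

    // Constructed in-memory store of approved scripts keyed by id (a real plugin persists them).
    private final java.util.Map<String, String> scripts = new java.util.concurrent.ConcurrentHashMap<>();

    // Running a stored script as-is needs only the plugin-scoped RUN permission.
    @RequirePOST  // state-changing endpoint: reject GET so it cannot be triggered by a plain link
    public HttpResponse doRun(@QueryParameter String id) {
        Jenkins.get().checkPermission(RUN);
        String body = scripts.get(id);
        if (body == null) {
            return HttpResponses.notFound();  // unknown id: nothing is evaluated
        }
        Object result = new GroovyShell().evaluate(body);
        return HttpResponses.plainText(String.valueOf(result));
    }

    // Creating or changing script content is arbitrary code execution on the controller, so it
    // stays behind ADMINISTER rather than the narrower RUN permission.
    @RequirePOST
    public HttpResponse doSave(@QueryParameter String id, @QueryParameter String script) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        scripts.put(id, script);
        return HttpResponses.ok();
    }

    @Override public String getIconFileName() { return null; }  // no sidebar entry
    @Override public String getDisplayName() { return "Script gate"; }
    @Override public String getUrlName() { return "script-gate"; }
}
```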

            Activity
            jglick Jesse Glick added a comment -

            Or

            Checking this option, allows users who have the 'RunScript' permission to change a scriptler scripts before executing it.
            A user can seriously harm your system and compromise your security!

            which makes no sense, since a user with RUN_SCRIPTS can trivially compromise any kind of security without any help from the Scriptler plugin.

            domi Dominik Bartholdi added a comment -

            If you're right and RUN_SCRIPTS has more power than ADMINISTRATOR, then I must say that RUN_SCRIPT is not well documented and a very, very misleading name.

            But anyway - I guess if you say so, then you probably are right and sure this must be changed/fixed!

            jglick Jesse Glick added a comment -

            Filed JENKINS-21336 to capture the broader discussion.

            danielbeck Daniel Beck added a comment -

            Dominik Bartholdi:

            If you're right and RUN_SCRIPTS has more power than ADMINISTRATOR, then I must say that RUN_SCRIPT is not well documented and a very, very misleading name.

            It's as useless on almost all instances as the UploadPlugins and ConfigureUpdateCenter permissions (i.e. 3 out of 5) that only exist to enable somewhat secure Cloudbees-hosted instances.

            domi Dominik Bartholdi added a comment -

            @danielbeck
            I now fully agree and think the whole permission schemas are a mess, not just how to use them in the code, but also to administer - an administrator has barely an idea what implication each permission has for each user.

            I will change the usage of RUN_SCRIPT in scriptler, but I just did not have the time to do so yet...

            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: imod
            Path:
            src/main/java/org/jenkinsci/plugins/scriptler/ScriptlerManagement.java
            src/main/java/org/jenkinsci/plugins/scriptler/builder/ScriptlerBuilder.java
            src/main/resources/org/jenkinsci/plugins/scriptler/Messages.properties
            src/main/webapp/help-allowRunScriptEdit.html
            src/main/webapp/help-allowRunScriptPermission.html
            src/test/java/org/jenkinsci/plugins/scriptler/restapi/ScriptlerRestApiTest.java
            http://jenkins-ci.org/commit/scriptler-plugin/71054a6da9c98d23dcc63588686939a62765cf09
            Log:
            JENKINS-21327 replace RUN_SCRIPTS with a new Scriptler RUN permission

            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: imod
            Path:
            src/main/resources/org/jenkinsci/plugins/scriptler/ScriptlerManagement/edit.properties
            src/main/resources/org/jenkinsci/plugins/scriptler/ScriptlerManagement/edit_ja.properties
            http://jenkins-ci.org/commit/scriptler-plugin/943a9c42c413e0ced6add1c99a0864f58167c532
            Log:
            JENKINS-21327 fix translations

            wfollonier Wadeck Follonier added a comment -

            Proposed PR merged


              People

              Assignee:
              domi Dominik Bartholdi
              Reporter:
              jglick Jesse Glick
              Votes:
              0
              Watchers:
              4
