Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Component/s: copyartifact-plugin
Labels:
- issue-exported-to-github
Environment:
Copyartifact 1.30

Released As:
https://github.com/jenkinsci/copyartifact-plugin/blob/master/CHANGELOG.adoc#144

When specifying a project name to copy artifacts from without a variable, permission check is performed at configuration time.
That check is performed in the constructor of CopyArtifact, and can be bypassed using WebAPI, which does not trigger the constructor (triggers readResolve instead).

update: can be bypassed also with CLI.

is related to

JENKINS-28247 Can bypass permission check of CopyArtifact with WorkflowJob

Closed

JENKINS-24888 Complete runtime permission check of Copyartifact

Closed

Assignee:: ikedam
Reporter:: ikedam

Created:: 2014-06-17 23:34
Updated:: 1 week ago 14:35
Resolved:: 2020-05-23 00:55
Archived:: 1 week ago 14:35

Details

Description

Attachments

Issue Links

Activity

People

Dates