As described here:
A user with "configure" privileges can execute arbitrary code in the context of the application server running jenkins, and leverage this to bypass authentication and take full control of the jenkins server. This is only a problem because the security matrix seems to be designed to separate privileges, and the fact a user with "configure" privs for a single project can take over the whole server is non-obvious to administrators.
Do you think this is something that constitutes a legitimate flaw to fix? Or more just something to be documented?
|Field||Original Value||New Value|
|Assignee||Kohsuke Kawaguchi [ kohsuke ]|
|Issue Type||Bug [ 1 ]||Improvement [ 4 ]|
|Summary||Potential privilege escalation issue||Zero executors on master not well documented or enforced|
|Workflow||JNJira [ 157499 ]||JNJira + In-Review [ 179555 ]|
|Link||This issue is duplicated by SECURITY-480 [ SECURITY-480 ]|
|Remote Link||This issue links to "CloudBees Internal OSS-2267 (Web Link)" [ 18367 ]|
|Remote Link||This issue links to "jenkins PR 3919 (Web Link)" [ 22436 ]|