Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-26862

Jenkins should set a SecurityManager (prevent rogue scripts exiting)

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • core, groovy-plugin
    • None
    • Any

      Jenkins should set a SecurityManager and explicity trap out calls to System.exit from plugins.

      This would prevent eg. the following script from taking out the whole web container:
      System.exit(0)

      Groovy even provides a NoExitSecurityManager for this purpose.

          [JENKINS-26862] Jenkins should set a SecurityManager (prevent rogue scripts exiting)

            vjuranek vjuranek
            edrandall Ed Randall
            Votes:
            2 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: