[JENKINS-31555] Slave2Master security: Symlinks handling differs depeding on platform

Type: Bug
Resolution: Unresolved
Priority: Minor
Component/s: core
Labels:
- arm
- security
Environment:
jenkins-1.580+

Similar Issues:
Powered by SuggestiMate

Show
Epic Link:
Docker images for ARM 64

It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

I have an OpenJDK/Debian/ARM setup. On this setup Slave2Master security seems to resolve symbolic links to absolute ones => whitelists do not work. In such case I see a security check failure in Cobertura publisher.

Everything works fine on Mac

Oleg Nenashev added a comment - 2015-11-14 15:07

Additional investigation is required

Oleg Nenashev added a comment - 2015-11-14 15:07 Additional investigation is required

Oleg Nenashev added a comment - 2017-08-15 21:47

No plan to work on it anytime soon. Pull requests will be appreciated, reviewed and integrated if possible.

Oleg Nenashev added a comment - 2017-08-15 21:47 No plan to work on it anytime soon. Pull requests will be appreciated, reviewed and integrated if possible.

Assignee:: Unassigned

Reporter:: Oleg Nenashev

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2015-11-14 15:02

Updated:: 2020-04-02 04:32

Details

Description

Attachments

Activity

Collapse comment: Oleg Nenashev added a comment - 2015-11-14 15:07

Expand comment: Oleg Nenashev added a comment - 2015-11-14 15:07

Collapse comment: Oleg Nenashev added a comment - 2017-08-15 21:47

Expand comment: Oleg Nenashev added a comment - 2017-08-15 21:47

People

Dates