Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-31555

Slave2Master security: Symlinks handling differs depeding on platform

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • core
    • jenkins-1.580+

      It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

      I have an OpenJDK/Debian/ARM setup. On this setup Slave2Master security seems to resolve symbolic links to absolute ones => whitelists do not work. In such case I see a security check failure in Cobertura publisher.

      Everything works fine on Mac

          [JENKINS-31555] Slave2Master security: Symlinks handling differs depeding on platform

          Oleg Nenashev created issue -
          Oleg Nenashev made changes -
          Description Original: It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

          Slave2Master security constructs whitelists using patterns. BTW, a pattern for the BUILD_DIR presumes that its's being always stored in JOBS_DIR/builds . If somebody configures other path using Jenkins Advanced options in Global configs, the whitelisting won't work properly.           		New: It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

          I have an OpenJDK/Debian/ARM setup. On this setup Slave2Master security seems to resolve symbolic links to absolute ones => whitelists do not work. In such case I see a security check failure in Cobertura publisher.
          Oleg Nenashev made changes -
          Priority Original: Major [ 3 ] New: Minor [ 4 ]
          Oleg Nenashev made changes -
          Description Original: It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

          I have an OpenJDK/Debian/ARM setup. On this setup Slave2Master security seems to resolve symbolic links to absolute ones => whitelists do not work. In such case I see a security check failure in Cobertura publisher.           		New: It's a follow-up to https://groups.google.com/forum/#!topic/jenkinsci-dev/RbQSUCg_9OY

          I have an OpenJDK/Debian/ARM setup. On this setup Slave2Master security seems to resolve symbolic links to absolute ones => whitelists do not work. In such case I see a security check failure in Cobertura publisher.

          Everything works fine on Mac
          Oleg Nenashev made changes -
          Labels Original: security New: arm security
          Oleg Nenashev made changes -
          Assignee New: Oleg Nenashev [ oleg_nenashev ]
          R. Tyler Croy made changes -
          Workflow Original: JNJira [ 166979 ] New: JNJira + In-Review [ 182538 ]
          Oleg Nenashev made changes -
          Assignee Original: Oleg Nenashev [ oleg_nenashev ]
          Mark Waite made changes -
          Epic Link New: JENKINS-61775 [ 205614 ]

            Unassigned Unassigned
            oleg_nenashev Oleg Nenashev
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: