Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-35357

Script security should save and track rejections

      It would be handy to store a record of rejections by admins, so that we could have the messaging in logs be different for those signatures etc than ones that have not yet been either accepted or rejected. "Unclassified" runtime errors don't make a lot of sense if the admin has already classified it as rejected!

          [JENKINS-35357] Script security should save and track rejections

          Jesse Glick added a comment -

          "Unclassified" runtime errors don't make a lot of sense if the admin has already classified it as rejected!

          I think you are confused here. Unclassified method … means a bug in script-security, not a missing/rejected signature.

          Jesse Glick added a comment - "Unclassified" runtime errors don't make a lot of sense if the admin has already classified it as rejected! I think you are confused here. Unclassified method … means a bug in script-security , not a missing/rejected signature.

          Andrew Bayer added a comment -

          Sorry, got the terminology wrong - I was on my ipad at the time. =)

          Andrew Bayer added a comment - Sorry, got the terminology wrong - I was on my ipad at the time. =)

          Andrew Bayer added a comment -

          Perhaps a better way to put it is that I'd like to see a distinction between "not allowed because it hasn't been requested before or is pending response from an admin" and "rejected explicitly" in the logs.

          Andrew Bayer added a comment - Perhaps a better way to put it is that I'd like to see a distinction between "not allowed because it hasn't been requested before or is pending response from an admin" and "rejected explicitly" in the logs.

          Jesse Glick added a comment -

          Right, you are referring to regular RejectedAccessException with a signature set, not “unclassified” errors.

          Jesse Glick added a comment - Right, you are referring to regular RejectedAccessException with a signature set, not “unclassified” errors.

            Unassigned Unassigned
            abayer Andrew Bayer
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: