The administrative script console allows very broad access to Jenkins, and this has been a source of vulnerabilities in the past, e.g.
https://www.rapid7.com/db/modules/exploit/multi/http/jenkins_script_console
https://duckduckgo.com/?q=jenkins+script+console+java+execution&ia=web
My team never uses this feature, and we'd like to reduce our attack surface by disabling the console completely, preferably from the system-level Jenkins config (/etc/sysconfig/jenkins on Linux). Is there an existing undocumented option for that? If not, will it be possible to add such an option?
We do have mandatory auth and access control, but still would like to disable this feature.
- is related to
-
JENKINS-29068 Split Groovy out of core
-
- Open
-
Theoretically it should be enough to disable the Jenkins.RUN_SCRIPTS permission in Authorization strategy, which does blocks permission inheritance. It would also block the groovy script CLI command.
BTW I'm not sure which strategy provides such functionality