• Icon: New Feature New Feature
    • Resolution: Unresolved
    • Icon: Major Major
    • support-core-plugin
    • None

      For pipeline jobs (but not only) it may be interesting to know if the user approved some methods to be executed in the script sandbox (ex: System.exit() ).

          [JENKINS-38926] Add a report about the sandbox usage

          Jesse Glick added a comment -

          System.exit is blacklisted, so that is less likely now, but yes in general we would like to know if there are a lot of manually approved methods—good fodder for proactive whitelisting.

          Jesse Glick added a comment - System.exit is blacklisted, so that is less likely now, but yes in general we would like to know if there are a lot of manually approved methods—good fodder for proactive whitelisting.

          schristou I think this one has a low cost and is really interesting. Could you have some time to process it or do you prefer to receive a PR ? 

          Arnaud Héritier added a comment - schristou I think this one has a low cost and is really interesting. Could you have some time to process it or do you prefer to receive a PR ? 

          Denys Digtiar added a comment -

          aheritier scriptAproval.xml is included in the bundle if the root configs component is selected. Do you think this is still relevant?

          Denys Digtiar added a comment - aheritier scriptAproval.xml is included in the bundle if the root configs component is selected. Do you think this is still relevant?

            schristou Steven Christou
            aheritier Arnaud Héritier
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: