Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47393

Split CommandLauncher into a plugin and integrate with script-security

    XMLWordPrintable

Details

    Description

      As of Jenkins Security Advisory 2017-10-11 CommandLauncher configuration enforces RUN_SCRIPTS, which is awkward for cases where a lower-privileged user is permitted to configure other aspects of an agent. The launcher should be moved out of core into a plugin that can depend on script-security for a regular approval workflow.

      Attachments

        Issue Links

          depends on

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-47593 can not to be online without permission

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved
          links to

          Web Link CloudBees Internal OSS-2247

          Web Link core PR 3076

          Web Link jenkins-test-harness PR 79

          Activity

            People

              jglick Jesse Glick
              jglick Jesse Glick
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: