Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

Log In
Resolved

XML

Word

Printable

Type: Task
Resolution: Fixed
Priority: Major
Component/s: core
Labels:

As of Jenkins Security Advisory 2017-10-11 CommandLauncher configuration enforces RUN_SCRIPTS, which is awkward for cases where a lower-privileged user is permitted to configure other aspects of an agent. The launcher should be moved out of core into a plugin that can depend on script-security for a regular approval workflow.

depends on

JENKINS-47593 can not to be online without permission

Resolved

links to

CloudBees Internal OSS-2247

core PR 3076

jenkins-test-harness PR 79

Assignee:: Jesse Glick
Reporter:: Jesse Glick

Created:: 2017-10-11 20:36
Updated:: Yesterday 17:16
Resolved:: 2017-10-17 20:57
Archived:: Yesterday 17:16

Details

Description

Attachments

Issue Links

Activity

People

Dates