-
Task
-
Resolution: Fixed
-
Major
As of Jenkins Security Advisory 2017-10-11 CommandLauncher configuration enforces RUN_SCRIPTS, which is awkward for cases where a lower-privileged user is permitted to configure other aspects of an agent. The launcher should be moved out of core into a plugin that can depend on script-security for a regular approval workflow.
- depends on
-
JENKINS-47593 can not to be online without permission
-
- Resolved
-
- links to
[JENKINS-47393] Split CommandLauncher into a plugin and integrate with script-security
Link | New: This issue relates to SECURITY-478 [ SECURITY-478 ] |
Labels | Original: security ux | New: security split-plugins-from-core ux |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Remote Link | New: This issue links to "core PR 3076 (Web Link)" [ 17851 ] |
Remote Link | New: This issue links to "jenkins-test-harness PR 79 (Web Link)" [ 17852 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Link | New: This issue depends on HOSTING-442 [ HOSTING-442 ] |
Code changed in jenkins
User: Jesse Glick
Path:
src/main/java/org/jvnet/hudson/test/HudsonTestCase.java
src/main/java/org/jvnet/hudson/test/JenkinsRule.java
src/main/java/org/jvnet/hudson/test/SimpleCommandLauncher.java
src/main/resources/org/jvnet/hudson/test/SimpleCommandLauncher/config.jelly
http://jenkins-ci.org/commit/jenkins-test-harness/913fb842b8edf01d5a556a10194ea2d6a686618e
Log:
JENKINS-47393Remove signature and runtime references to CommandLauncher.