-
Task
-
Resolution: Fixed
-
Major
As of Jenkins Security Advisory 2017-10-11 CommandLauncher configuration enforces RUN_SCRIPTS, which is awkward for cases where a lower-privileged user is permitted to configure other aspects of an agent. The launcher should be moved out of core into a plugin that can depend on script-security for a regular approval workflow.
- depends on
-
JENKINS-47593 can not to be online without permission
-
- Resolved
-
- links to
[JENKINS-47393] Split CommandLauncher into a plugin and integrate with script-security
Link | New: This issue relates to SECURITY-478 [ SECURITY-478 ] |
Labels | Original: security ux | New: security split-plugins-from-core ux |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Remote Link | New: This issue links to "core PR 3076 (Web Link)" [ 17851 ] |
Remote Link | New: This issue links to "jenkins-test-harness PR 79 (Web Link)" [ 17852 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Link | New: This issue depends on HOSTING-442 [ HOSTING-442 ] |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Review [ 10005 ] | New: Resolved [ 5 ] |
Link |
New:
This issue depends on |
Remote Link | New: This issue links to "CloudBees Internal OSS-2247 (Web Link)" [ 18374 ] |