When using the plugin "config-file-provider", the configs files are readable by everyone with the right to create jobs.

When the user create a job, at the moment of choosing a config file, he can click on "view selected file" and have a full RO access on this files...