Details
-
Type:
Bug
-
Status: Resolved (View Workflow)
-
Priority:
Minor
-
Resolution: Not A Defect
-
Component/s: config-file-provider-plugin
-
Labels:
-
Environment:Jenkins : 2.121.2
config-file-provider-plugin : 3.2
-
Similar Issues:
Description
When using the plugin "config-file-provider", the configs files are readable by everyone with the right to create jobs.
When the user create a job, at the moment of choosing a config file, he can click on "view selected file" and have a full RO access on this files...
Attachments
Activity
Seems legit
The issue can be closed
Thanks
Guillaume Lunik
added a comment - Seems legit
The issue can be closed
Thanks intentional behavior
Guillaume Lunik
added a comment - intentional behavior 
I don't think this is a bug but the intention - everyone having permission to create a job should also be able to see the config-files hi is able to use within his jobs. If you have files which should not be seen by everyone, then you should create folders and place the config-files within the scope of a folder where only allowed users have permission to see it.