The list of affected jobs with inadequate copy artifact permissions in "Copy Artifact migration helper" has several instances of the same project in both "Project with the artifacts" and "Project copier".
In our use cases it is quite common to retrieve old artifacts from earlier runs. I guess I could manually go in and specifically grant each job permissions to copy from oneself, but since we have many jobs, this would be very tedious and time consuming. The copy mechanism is controlled by a Jenkins file in groovy and hence individual updates to jobs are normally not needed.
I fail to see how it could be a security risk always allowing a job to use its own artifacts from earlier runs.