Details
-
Epic
-
Status: Resolved (View Workflow)
-
Major
-
Resolution: Fixed
-
Agent-to-controller security simplification
-
-
2.326
Description
Followup to https://www.jenkins.io/security/advisory/2021-11-04/ :
- Remove the ability to disable agent-to-controller access control
- Remove the customizable callable allowlist
- Remove the capability for FilePath methods to operate in the agent-to-controller direction
- Remove the customizable file path filter allowlist supporting this
- Deprecate SlaveToMasterFileCallable
Proposed JEP: https://github.com/jenkinsci/jep/pull/381