Looking at it. In the future please use https://issues.jenkins-ci.org/browse/SECURITY for such things.
On Mon, Dec 17, 2012 at 4:47 PM, Andrew Collette <[email protected]> wrote: > Hi, > > I filed a bug about this last week, here: > > https://issues.jenkins-ci.org/browse/JENKINS-16103 > > It seems that if user Anonymous has overall read permissions, anyone can > connect as a slave over JNLP with no authentication. Am I missing > something? Or is this really a bug? > > Thanks, > Andrew
