Because this is a security issue, we are moving this discussion to [email protected]. This list allows anyone to post. We'll include Andrew in the conversation, if he wants to be a part of it.
Please refrain from discussing this issue in this list. 2012/12/17 Andrew Collette <[email protected]> > Hi, > > I filed a bug about this last week, here: > > https://issues.jenkins-ci.org/browse/JENKINS-16103 > > It seems that if user Anonymous has overall read permissions, anyone can > connect as a slave over JNLP with no authentication. Am I missing > something? Or is this really a bug? > > Thanks, > Andrew > -- Kohsuke Kawaguchi
