That's a fair point actually, thanks for your answer. On the other hand, if the security is one of the important pieces then any Builder might be affected easily since AFAIK they don't run in any sandbox therefore you might run "rm -rf /" and change the restriction label as "master". Does it mean "Shell plugin" (I know it's part of the core) is unsecured? If so, does it mean any other plugins which are using it are also unsecured? And that's an example of bypassing the "security layout". Don't get me wrong, I do like the idea of adding value to Jenkins with this wizard feature, but what I don't like is the way of filtering plugins which are useful IMO.
Thanks again On Tuesday, 29 September 2015 23:55:03 UTC+2, Daniel Beck wrote: > > > On 29.09.2015, at 23:23, Victor Martinez <[email protected] > <javascript:>> wrote: > > > Just went through the list of plugins and I'm really surprise there is > no references about the JobDSL plugin at all. I do understand the JobDSL > and Workflow might coexist and be somehow related but knowing it's been > available longer with more number of installations, it's actively > maintained by the community and it was one of the first plugins talking > about Configuration as Code paradigm I believe it should be part of the > Recommended plugins too. What do you think? > > Last I checked, Job DSL does not integrate well with secured instances. > Grant one user Job/Configure on a single freestyle job and they can do > whatever they want to your instance. Therefore it fails the second > criterion I mentioned. > > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/5a842453-821d-4692-b8ad-1a7fe84ab4e7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
