Hi everyone,

We've now had not one, but two unauthenticated remote code execution 
vulnerabilities in Jenkins:

- SECURITY-218 in 
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
- SECURITY-360 in 
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-11-16

Clearly, the current state of the CLI is a problem. Its Java serialization 
based protocol without prior authentication has now repeatedly resulted in 
remote code execution. For something like Jenkins, keeper of all the secrets, 
this is just unacceptable.

For now, we have a new system property that allows administrators to disable 
all of the CLI. I don't think this is good enough, but it's all we had time to 
do for SECURITY-360.
https://jenkins.io/doc/upgrade-guide/2.19/#disabling-the-cli

So, what are we going to do with the CLI? Remove it altogether? Only allow 
access via SSHD? Only allow authenticated use? Don't use remoting? Limit CLI 
remoting to specific users? WDYT?

Daniel

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-dev/67C3C899-1DDA-4C08-B242-35FE1ADD2DA2%40beckweb.net.
For more options, visit https://groups.google.com/d/optout.

Reply via email to