|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
@danielbeck
I'm afraid you completely misunderstand this issue.
1. The severity is completely different that all users in Jenkins are visible and that some of users in a project is visible.
2. Changelogs can be restrict to open only to users related to that project by using Matrix Authorization Strategy Plugin. This issue is that there is no way to restrict access to "People" view.
3. Even though there are other security issues in Jenkins, it cannot be a reason to leave this issue.
4. Even though there are plugins with security issues, it cannot be a reason for Jenkins not to care security.
It is not reasonable to force users change their existing security policy only in order to introduce Jenkins.
Of course, other problems you pointed should not be left.
They should be considered to fix if someone cannot stand with them.