![]() |
|
|
|
|
Issue Type:
|
![New Feature]() New Feature
|
|
Assignee:
|
Jesse Glick
|
|
Components:
|
script-security |
|
Created:
|
02/Oct/14 8:29 PM
|
|
Description:
|
When whitelisting methods, sometimes you want to whitelist specific implementation (say groovy.json.JsonBuilder.toString()) of a generic signature defined in the base type (java.lang.Object.toString() in this case.)
In other times, you want to whitelist all the method definitions that override an interface/class method. For example, another person might want to allow all java.lang.Object.toString() invocation regardless of the receiver type.
script-security plugin currently doesn't have means to do this in Whitelist. GroovyCallSiteSelector.method picks one Method instance and all the decision making happens on this single method call.
Preferably, the call site selection should find the actual method definition getting invoked, as well as methods in the super types that it overrides, so that Whitelist can make decisions by using them all.
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Minor]() Minor
|
|
Reporter:
|
Kohsuke Kawaguchi
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/d/optout.
