Hi, Let me kindly suggest the below security approaches in case you need to secure your Jenkins instance:
- https://wiki.jenkins-ci.org/display/JENKINS/Ownership-Based+security - https://wiki.jenkins-ci.org/display/JENKINS/Job+Restrictions+Plugin There are some use cases it will not be enough but it depends on how much security you need in place. I hope it helps Cheers On Tuesday, 6 October 2015 20:06:33 UTC+2, Daniel Beck wrote: > > > On 06.10.2015, at 18:52, Brian Ray <[email protected] <javascript:>> > wrote: > > > Not to drag the thread off-topic, but could you elaborate on any > security issues with Job DSL? I experimented with it a while back, and > CloudBees is going to demo Job Templates to my shop in the near future, but > is there something that makes Job DSL inherently less secure-able than the > latter? > > > > For example, couldn't you just use project-based security to lock down > the Job DSL job that creates and updates the spawned jobs? > > The problem is that a user with Job/Configure on a single freestyle job > can add a Job DSL build step there, and wreaks havoc on your instance. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0a862ed1-8225-4159-9900-3b74b5f1f3b5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
