By default, AFAICT, Jenkins will be installed running on port 8080, accessible
from anywhere, and fully configurable by anyone. I believed this is dangerous,
Please either provide a default setup which limits its openness for instance
allowing only local clients to connect on localhost:8080, or at minimum an
important message when it gets installed via APT debconf templates, referring
to a README providing instructions on how to configure its security.
https://wiki.jenkins-ci.org/display/JENKINS/Standard+Security+Setup seems a
good start for such instructions, I guess, but I'm no Jenkins guru.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (900, 'testing'), (300, 'stable')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
This is the maintainer address of Debian's Java team
debian-j...@lists.debian.org for discussions and questions.