[JIRA] (JENKINS-36206) Add staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods drop java.lang.CharSequence int to generic-whiteliest
Title: Message Title Jesse Glick commented on JENKINS-36206 Re: Add staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods drop java.lang.CharSequence int to generic-whiteliest Well approve that method. Add Comment This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-36206) Add staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods drop java.lang.CharSequence int to generic-whiteliest
Title: Message Title Owen Wood created an issue Jenkins / JENKINS-36206 Add staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods drop java.lang.CharSequence int to generic-whiteliest Issue Type: Improvement Assignee: Jesse Glick Components: script-security-plugin Created: 2016/Jun/24 3:28 AM Priority: Minor Reporter: Owen Wood Pending review of course. Not sure what security implications there might be here. To reproduce: node { env.WORKSPACE = pwd() test = env.WORKSPACE.drop(3) } Results in: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod org.codehaus.groovy.runtime.DefaultGroovyMethods drop java.lang.CharSequence int at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectStaticMethod(StaticWhitelist.java:174) Reproducible with Sandbox enabled (or using Jenkinsfile obviously)