Re: Jenkins master slave security

2014-05-02 Thread Les Mikesell
On Tue, Apr 29, 2014 at 5:28 PM, Stephen Connolly stephen.alan.conno...@gmail.com wrote: Basically if you can't trust your build machines, you have some issues. If you can't trust the code you are building, you have worse issues. The current block on releasing the literate plugin is providing

Re: Jenkins master slave security

2014-05-02 Thread Stephen Connolly
Well you could probably get quite close. You'd either be abusing promotion steps or abusing environments or both. But because literate makes matrix jobs and promoted jobs easy, and you have the human readable instructions in your README.md... you could probably get very close... the only bit that

Re: Jenkins master slave security

2014-04-30 Thread Mani Azizzadeh
Thank you for the replies. I guess this is the setting that you are talking about? http://javadoc.jenkins-ci.org/hudson/remoting/Channel.html#setRestricted(boolean) -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this

Re: Jenkins master slave security

2014-04-30 Thread Stephen Connolly
Yes On 30 April 2014 08:47, Mani Azizzadeh mani.azizza...@gmail.com wrote: Thank you for the replies. I guess this is the setting that you are talking about? http://javadoc.jenkins-ci.org/hudson/remoting/Channel.html#setRestricted(boolean)

Re: Jenkins master slave security

2014-04-30 Thread Les Mikesell
Just curious If the slave can load classes from the master, why do the maven jars get copied over to the slaves? -- Les Mikesell lesmikes...@gmail.com On Wed, Apr 30, 2014 at 8:12 AM, Stephen Connolly stephen.alan.conno...@gmail.com wrote: Yes On 30 April 2014 08:47, Mani

Re: Jenkins master slave security

2014-04-30 Thread Stephen Connolly
That's the classloading there for you On Wednesday, 30 April 2014, Les Mikesell lesmikes...@gmail.com wrote: Just curious If the slave can load classes from the master, why do the maven jars get copied over to the slaves? -- Les Mikesell lesmikes...@gmail.com

Jenkins master slave security

2014-04-29 Thread Zedd
Hi all, I understand that if a Jenkins master is compromised, then slaves are compromised. But I did not think that the reverse was true. However, I stumbled upon information on this page about Jenkins security https://wiki.jenkins-ci.org/display/JENKINS/Securing+Jenkins where following is

Re: Jenkins master slave security

2014-04-29 Thread Stephen Connolly
On Tuesday, 29 April 2014, Zedd mani.azizza...@gmail.com wrote: Hi all, I understand that if a Jenkins master is compromised, then slaves are compromised. But I did not think that the reverse was true. However, I stumbled upon information on this page about Jenkins

Re: Jenkins master slave security

2014-04-29 Thread Mani Azizzadeh
Hey Stephen, Thank you for your answer, just some follow up questions. This setting that you are talking about, is it something that is turned on by default? What is the setting called? So if an attacker should get access to a slave, then he/she cannot just execute some arbitrary code or

Re: Jenkins master slave security

2014-04-29 Thread Stephen Connolly
On Tuesday, 29 April 2014, Mani Azizzadeh mani.azizza...@gmail.com wrote: Hey Stephen, Thank you for your answer, just some follow up questions. This setting that you are talking about, is it something that is turned on by default? What is the setting called? I can't recall exactly.

Re: Jenkins master slave security

2014-04-29 Thread Stephen Connolly
Basically if you can't trust your build machines, you have some issues. If you can't trust the code you are building, you have worse issues. The current block on releasing the literate plugin is providing a good isolation for pull request builds so that drive-by pull requests on GitHub don't

Re: Master/Slave security

2012-04-03 Thread Jan Seidel
Word! Sami I use Jenkins also for administrative jobs like rebooting the machine, restarting the services, opening the task manager or checking with WMI the disk space but you could of course also do more exciting things here ;) Some jobs like opening the task manager or rebooting the machine

Re: Master/Slave security

2012-03-31 Thread Sami Tikka
According to my understanding the master communicates with the slaves by sending and receiving java objects. AFAIK there is no validation for the objects the master receives from the slaves. So, even though there is no easy way for a random dude to inject his own objects into the stream, if