Hi, Let me kindly suggest the below security approaches in case you need to secure your Jenkins instance:
- https://wiki.jenkins-ci.org/display/JENKINS/Ownership-Based+security - https://wiki.jenkins-ci.org/display/JENKINS/Job+Restrictions+Plugin There are some use cases it will not be enough but it depends on how much security you need in place. I hope it helps Cheers On Tuesday, 6 October 2015 20:06:33 UTC+2, Daniel Beck wrote: > > > On 06.10.2015, at 18:52, Brian Ray <be_...@sbcglobal.net <javascript:>> > wrote: > > > Not to drag the thread off-topic, but could you elaborate on any > security issues with Job DSL? I experimented with it a while back, and > CloudBees is going to demo Job Templates to my shop in the near future, but > is there something that makes Job DSL inherently less secure-able than the > latter? > > > > For example, couldn't you just use project-based security to lock down > the Job DSL job that creates and updates the spawned jobs? > > The problem is that a user with Job/Configure on a single freestyle job > can add a Job DSL build step there, and wreaks havoc on your instance. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0a862ed1-8225-4159-9900-3b74b5f1f3b5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
