On Tuesday, January 12, 2016 at 10:51:11 AM UTC+1, Stephen Connolly wrote:
>
>
>
> On 12 January 2016 at 06:14, Thomas Goeppel <thomas....@gmail.com
> <javascript:>> wrote:
>
>> Stephen,
>>
>> thanks for the suggestions. I'm sure that with the two methods you
>> described it's possible to divide roles into those who can control a docker
>> host, and those who can't, and the second method is even safe against
>> privilege escalation. The organization I work for is a Cloudbees customer,
>> but unfortunately both methods you suggested don't support use cases where
>> both groups in your "lock down" scenario must be allowed to configure
>> Workflow scripts with `docker.image().inside{}` (and that's what I have in
>> mind).
>>
>
> If you are using the Script Security plugin that should help vet what
> scripts can be executed... and by having the two teams in different Jenkins
> masters you can have different profiles of what they can run... but yeah I
> agree it would be better to be able to provide a "permission restricted"
> docker proxy to the build (not just workflow by the way) so that you can
> restrict what the build can do as this is a problem for any build (just
> think that somebody can add a unit test that uses System.exec to run docker
>
>
Exactly that's my concern - I don't want to rely on Jenkins security for
this kind of system level stuff. On the OS level, Jenkins operates under a
single user account for all jobs. It would be easier if Jenkins could run
jobs with setuid(), e.g. depending on the user roles that 'own' a job.
Currently that only possible on the build slave level.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-users/8ec6a1fe-0da6-4f11-b446-c85f644780e3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
