Integration test for SECURITY-144

Ullrich Hafner

May 23, 2019, 4:25:03 PM
to Jenkins Developers
In my plugin I’m currently copying files from the agent to the master, but according to SECURITY-144 I should copy them from the master to the slave.

Before writing a fix for this bug (see JENKINS-56007 [1]) I tried to write an integration test that exposes this bug. However, even if I enable master agent security in my test I can’t reproduce this exception in a test:
java.lang.SecurityException: agent may not create E:\Jenkins\Testing\Test warnings-ng plugin\builds\9\files-with-issues\4e1480.tmp
See https://jenkins.io/redirect/security-144 for more details
	at jenkins.SoloFilePathFilter.noFalse(SoloFilePathFilter.java:33)
	at jenkins.SoloFilePathFilter.create(SoloFilePathFilter.java:63)
	at hudson.FilePath.writing(FilePath.java:3245)
	at hudson.FilePath.access$1900(FilePath.java:213)
	at hudson.FilePath$WritePipe.invoke(FilePath.java:2111)
	at hudson.FilePath$WritePipe.invoke(FilePath.java:2104)
	at hudson.FilePath$FileCallableWrapper.call(FilePath.java:3086)

This exception is from a Jenkins instance of the bug reporter, but if I set in my test 

jenkins.getInjector().getInstance(AdminWhitelistRule.class).setMasterKillSwitch(false);

then no exception is thrown.

Also if I run Jenkins and an Agent without a test case in a Docker container (connected via SSH) then no exception is thrown. 
Is there an additional security setting required to enable that kind of agent to master security?

