[JIRA] [core] (JENKINS-3627) Add separate permission to view build logs

7 views
Skip to first unread message

mess110@gmail.com (JIRA)

unread,
Oct 18, 2015, 3:35:02 PM10/18/15
to jenkinsc...@googlegroups.com
mess110 mess110 commented on New Feature JENKINS-3627
 
Re: Add separate permission to view build logs

Agreed, printing passwords in plain text to the console should not be done.

On the other hand, the permission could also be useful to me: I allow anonymous builds and I would like to not display the trigger email at the end publicly.
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)
Atlassian logo

nathan.renniewaldock@gmail.com (JIRA)

unread,
Jul 30, 2016, 10:27:02 AM7/30/16
to jenkinsc...@googlegroups.com

Would be nice to see this added. It'd be useful for for custom build scripts that have an API key or similar in.
This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)
Atlassian logo

dbeck@cloudbees.com (JIRA)

unread,
Jul 30, 2016, 11:35:02 AM7/30/16
to jenkinsc...@googlegroups.com
Daniel Beck updated an issue
 
Jenkins / New Feature JENKINS-3627
Change By: Daniel Beck
Labels: new- permission permission security

man@praqma.net (JIRA)

unread,
Jan 17, 2017, 8:04:02 AM1/17/17
to jenkinsc...@googlegroups.com
Mads Nielsen commented on New Feature JENKINS-3627
 
Re: Add separate permission to view build logs

This is a very nice feature that we could use. We have loads of reports that we do not want to show every developer. but we still want to put up a read-only view to just show the status.

pjdarton@gmail.com (JIRA)

unread,
Oct 2, 2018, 7:49:03 AM10/2/18
to jenkinsc...@googlegroups.com
pjdarton commented on New Feature JENKINS-3627

I've just found this issue after a "real-world lesson" in why console access should be more strongly secured than mere "general read access"...

While I agree with Daniel Beck that a plugin exposing a password would be a bug in the plugin, bugs do happen and Jenkins' core security model should help mitigate this.
More importantly, these days a lot of jobs will be using pipelines, and pipelines don't necessarily use plugins the way the plugin author intended, thus allowing mere "user error" to expose passwords in plain text by accident that a plugin cannot reasonably prevent. As a Jenkins administrator, I can't bugfix my users, so I need to be able to configure my Jenkins server so that such errors can't cause a big security issue.

TL;DR: Jenkins allows us to secure access to the workspace as a separate permission - IMO console access should be similarly controllable and the lack of such control is a security weakness.
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

sylvain.targonski@gmail.com (JIRA)

unread,
May 28, 2019, 10:23:03 AM5/28/19
to jenkinsc...@googlegroups.com
Larkoie commented on New Feature JENKINS-3627

I'm also in need of this new feature. I've setup a few pipeline to perform various tasks for our team. When the pipeline executes a sh command it shows the whole command which sometimes contains paths or hosts information (IP address etc...)

It would be great to allow us to disable the output view to users/groups of users.

ashish.kumarsingh@startv.com (JIRA)

unread,
Jan 24, 2020, 6:33:02 AM1/24/20
to jenkinsc...@googlegroups.com

Is this feature available or if any work around, please suggest?
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo

tomaszdunek@wp.pl (JIRA)

unread,
Feb 19, 2020, 4:18:03 AM2/19/20
to jenkinsc...@googlegroups.com

Could anyone inform about plans for this feature?

Are there any plans to implement it?
Reply all
Reply to author
Forward
0 new messages