Groups

[JIRA] (JENKINS-57344) Whitelist requests for some java.io and other misc calls

2 views

Skip to first unread message

haridara@gmail.com (JIRA)

unread,

May 6, 2019, 10:37:02 AM5/6/19

to jenkinsc...@googlegroups.com

Hari Dara created an issue

Whitelist requests for some java.io and other misc calls

Issue Type:	Bug
Assignee:	Hari Dara
Components:	script-security-plugin
Created:	2019-05-06 14:36
Priority:	Minor
Reporter:	Hari Dara

The following is a sample of some of the methods that are safe to be whitelisted and are quite useful:

StringReader.read
StringWriter.append
new PrintWriter(Writer) (useful for capturing stacktraces as strings)
List.add
reverse() on List
new LinkedHashSet()

This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

haridara@gmail.com (JIRA)

unread,

May 6, 2019, 10:47:02 AM5/6/19

to jenkinsc...@googlegroups.com

Hari Dara commented on

Re: Whitelist requests for some java.io and other misc calls

PR: https://github.com/jenkinsci/script-security-plugin/pull/249

dnusbaum@cloudbees.com (JIRA)

unread,

Aug 5, 2019, 9:28:06 AM8/5/19

to jenkinsc...@googlegroups.com

Devin Nusbaum resolved as Fixed

These methods were added to the whitelist in version 1.61 of Script Security Plugin.

Thanks Hari Dara, sorry I forgot to update the ticket!

Whitelist requests for some java.io and other misc calls

Change By:	Devin Nusbaum
Status:	Open Resolved
Resolution:	Fixed
Released As:	script-security 1.61

Reply all

Reply to author

Forward

0 new messages

Search

Clear search

Close search

Google apps

Main menu