[JIRA] (JENKINS-60210) Whitelist all java.util.Collections methods

11 views
Skip to first unread message

haridara@gmail.com (JIRA)

unread,
Nov 19, 2019, 4:50:07 AM11/19/19
to jenkinsc...@googlegroups.com
Hari Dara created an issue
 
Jenkins / Improvement JENKINS-60210
Whitelist all java.util.Collections methods
Issue Type: Improvement Improvement
Assignee: Hari Dara
Components: script-security-plugin
Created: 2019-11-19 09:49
Priority: Minor Minor
Reporter: Hari Dara

We currently only have Collections.sort whiltelisted, but every method in this class is a static utility method that is safe. Also need to whitelist a couple of Throwable.printStackTrace variations. JENKINS-57344 already whitelisted a few java.io methods to make it possible to write to a StringWriter, so together this will make it possible to log more detailed error messages that include exception stacktraces and make it easier to troubleshoot some issues.
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)
Atlassian logo

haridara@gmail.com (JIRA)

unread,
Nov 19, 2019, 4:55:08 AM11/19/19
to jenkinsc...@googlegroups.com
Hari Dara started work on Improvement JENKINS-60210
 
Change By: Hari Dara
Status: Open In Progress

haridara@gmail.com (JIRA)

unread,
Nov 19, 2019, 4:55:08 AM11/19/19
to jenkinsc...@googlegroups.com

haridara@gmail.com (JIRA)

unread,
Nov 19, 2019, 4:55:09 AM11/19/19
to jenkinsc...@googlegroups.com
Change By: Hari Dara
Status: In Progress Review

haridara@gmail.com (JIRA)

unread,
Jan 28, 2020, 9:54:03 AM1/28/20
to jenkinsc...@googlegroups.com
 

PR merged.
Change By: Hari Dara
Status: In Review Fixed but Unreleased
Resolution: Fixed
Reply all
Reply to author
Forward
0 new messages