[JIRA] (JENKINS-56016) Input step submitter parameter is ignored for administrators


dnusbaum@cloudbees.com (JIRA)

Sep 9, 2019, 9:51:04 AM
to jenkinsc...@googlegroups.com
Devin Nusbaum updated an issue
 
Jenkins / Bug JENKINS-56016
Input step submitter parameter is ignored for administrators
Change By: Devin Nusbaum
Summary: "Input Submitter parameter is ignored for administrators" → "Input step submitter parameter is ignored for administrators"
 
This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)

dnusbaum@cloudbees.com (JIRA)

Sep 9, 2019, 9:52:11 AM
to jenkinsc...@googlegroups.com
Devin Nusbaum started work on Bug JENKINS-56016
 
Change By: Devin Nusbaum
Status: Open → In Progress

dnusbaum@cloudbees.com (JIRA)

Sep 9, 2019, 10:04:03 AM
to jenkinsc...@googlegroups.com
Devin Nusbaum commented on Bug JENKINS-56016
 
Re: Input step submitter parameter is ignored for administrators

Omit Rathore, I don't think so. If you think you have found such a case and can reproduce it, please file a new issue in the SECURITY project and CC me on it.

dnusbaum@cloudbees.com (JIRA)

Sep 10, 2019, 11:12:03 AM
to jenkinsc...@googlegroups.com
 

A PR was merged to update the documentation, but it has not been released yet.

Change By: Devin Nusbaum
Status: In Review → Fixed but Unreleased
Assignee: Adrian Wyssmann
Resolution: Fixed

atzimler@icloud.com (JIRA)

Oct 1, 2019, 8:53:03 PM
to jenkinsc...@googlegroups.com
Attila Tamas Zimler commented on Bug JENKINS-56016
 
Re: Input step submitter parameter is ignored for administrators

Hi, I've run into the same issue, as being an Administrator allows me to approve my own processes. In my case this is a problem, because I'm trying to implement a system where an additional administrator needs to approve the process, and the one that is requesting the process run is actually not in the list of acceptable approvers. However, because of the issue mentioned above, this still allows the user to approve the process.

wfollonier@cloudbees.com (JIRA)

Oct 2, 2019, 3:56:03 AM
to jenkinsc...@googlegroups.com

Attila Tamas Zimler, that could be an interesting scenario. Perhaps adding an option to allow/disallow admin in addition to the submitter list could do the trick. Devin Nusbaum, do you think it's valuable to re-open this ticket or create a new one? (Or "refusing the scenario" is also an option.)

dnusbaum@cloudbees.com (JIRA)

Oct 2, 2019, 9:12:03 AM
to jenkinsc...@googlegroups.com

To me, it still seems pointless, because an admin could always approve the input indirectly through tools like the script console with their elevated permissions, or create a new job that does what they want, and just run that. Anyone with admin permissions should be considered trusted, and if you do not trust them, then they should not be an admin. If you do trust them, then this just seems like something to be enforced socially by making sure the message for the input requests that a different admin approve the input.

atzimler@icloud.com (JIRA)

Oct 2, 2019, 9:27:03 PM
to jenkinsc...@googlegroups.com

Hi, I've worked around the issue by actually adding cycles into the Groovy description of the pipeline. I just wanted to add a note on the fact that for my scenario it is not a trust issue, it is more about avoiding potential accidents with production systems. Our admin team can freely adjust the build process too, but we are responsible and don't do that either for the purpose of circumventing protective measures.
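
One way such a loop-based workaround could look, as an added example that is not part of the thread and is not the commenter's or the Jenkins project's own code. It re-prompts until the approver recorded via `submitterParameter` differs from the user who started the build; the group name `deploy-approvers`, the helper names, and the stage contents are assumptions.

```groovy
// Added example (scripted pipeline). 'deploy-approvers' and the stage
// contents are assumptions, not values from the thread.

// User ID that started this build, or null for timer/SCM-triggered builds.
String requesterId() {
    def causes = currentBuild.getBuildCauses('hudson.model.Cause$UserIdCause')
    return causes ? causes[0].userId : null
}

// Re-prompt until someone other than the requester approves.
String awaitIndependentApproval(String requester, int maxAttempts) {
    for (int attempt = 1; attempt <= maxAttempts; attempt++) {
        // With submitterParameter and no other parameters, input returns
        // the approving user's ID as a plain string.
        String approver = input(
            message: "Deploy to production? Started by ${requester ?: 'a non-user trigger'}; " +
                     'a different user must approve.',
            submitter: 'deploy-approvers',
            submitterParameter: 'approver'
        )
        if (approver != requester) {
            return approver
        }
        echo("Ignoring approval by ${approver}: same user started the run " +
             "(attempt ${attempt} of ${maxAttempts}).")
    }
    error "No independent approval after ${maxAttempts} attempts."
}

node {
    stage('Build') {
        echo 'build steps go here'
    }
}

// Keep input outside node {} so the wait does not hold an executor.
stage('Approve') {
    String requester = requesterId()
    timeout(time: 1, unit: 'HOURS') {
        String approver = awaitIndependentApproval(requester, 3)
        echo "Approved by ${approver}; requested by ${requester}"
    }
}

node {
    stage('Deploy') {
        echo 'deploy steps go here'
    }
}
```

As discussed earlier in the thread, an administrator can still get around this through the script console or by editing the job, so the loop guards against accidental self-approval rather than against an untrusted admin.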
