![]() |
|
|
|
|
Issue Type:
|
![New Feature]() New Feature
|
|
Assignee:
|
Unassigned |
|
Attachments:
|
jenkins_allgemeines.png, Jenkins_PeopleView.png |
|
Components:
|
active-directory, matrix, security |
|
Created:
|
23/Jul/13 10:03 AM
|
|
Description:
|
Even when choosing the most restricted user rights (Role Plugin: Global Role only 1 Read), it is possible for every user to view the Jenkins User Id AND the name of the user (see screenshots).
Working with an Active Directory for authentication, this means its possible for everybody to get the user names from AD AND the common names (Security Hole with AD Plugin?).
Goal: create a Permission to allow specific People/Roles to see this User Account info and deny it to all others.
|
|
Environment:
|
CentOS
|
|
Project:
|
Jenkins
|
|
Labels:
|
security
jenkins
configuration
matrix
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
Annabella Schmidt
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit
https://groups.google.com/groups/opt_out.
