Hi Guys, At the moment the default access for anonymous is read which allows everyone to see executed jobs and the output of those which may contain sensitive data as URLs usernames etc. without login by just knowing the URL of jenkins if reachable from the Internet. Is there a reason why default access is not set to allow nothing and let the Administrator or User itself decide if he wants to open it when for example running in a safe LAN area ?
-- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/213d292e-c931-47e5-ad7b-16f76fb20756%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
