Hi All, This is Sarfroz Basha.. I'm Working on T-Systems ICT INDIA PVT LTD company. I have one risky task, Can you please help me on this.
I want to remove the ability for users of Jenkins Pipeline to be able to modify the Jenkinsfile or other loaded pipeline scripts using the Replay option. It seems that when a build with parameterized credentials is replayed, the credentials are reused. This may allow a user who doesn't know the password to run builds he shouldn't be able to, or impersonate other users. Example: Parameterized release -> The deployment credentials are parameters and so they aren't visible, but they are reused when the build is replayed. *Has anyone else experienced this or similar issues? Any assistance would be greatly appreciated!* *Regards,* *Sarfroz Basha* -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/c4d84b73-90a1-476c-b0c2-74a181f12015%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
