Re: [cbi-dev] Make job config publicly visible by default?


Before sending my earlier too-simple response to accessing, I checked and corrected the permissions of

It would appear that the intention to provide read access by default is not happening in practice. It would appear that most jobs do not comply.

I see two sets of defaults. One for anonymous and one for authenticated users. Does "authenticated" mean logged in? Both sets of permissions seem blank by default.

I feel that it is very important to at least allow logged-in users to read the job config. The only security issue I can see is if some script has a cleartext password, which seems like a very undesirable practice meriting an alternative solution, just possibly an explicitly private config.


        Ed Willink

On 10/10/2018 11:07, Mickael Istria wrote:

On Wed, Oct 10, 2018 at 11:41 AM Frederic Gurr <frederic.gurr@xxxxxxxxxxxxxxxxxxxxxx> wrote:
By default, anonymous users have the following permissions:
* Overall/Read
* Job/Read
So anonymous users can see build results, build artifacts & console logs.

Ok, so that could be an issue with my specific pipeline job then.
On , if I'm not logged in, I can't see the Pull Request jobs. I'd like any user to be able to look at PR build status.

By default, all logged in committers also have the following permission:
* Job/ExtendedRead
This allows them to *read* the job configuration.

Ok, good then.

Allowing non-privileged users to read the job configuration *can* be a
potential security issue.

Out of curiosity, what kind of security issue could it be?
