Child pages
  • Permissive Script Security Plugin

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Excerpt

Turn on permissive mode of Script Security Plugin. Problematic signatures will be logged but access will not be rejected.

Wiki Markup
{jenkins-plugin-info:pluginId=permissive-script-security}
Warning

This plugin enables execution of unsecured groovy scripts on Jenkins master. Do not use it unless you know what you are doing.

Suppressing the security put in place in several Jenkins plugins is discouraged though sometimes useful practice. For example, migrating configuration from a plugin version that allows unsecured script execution to the secured version. Enabling this temporarily, will not block on potentially unsafe signatures so they can be evaluated and whitelisted and the plugin can be uninstalled again.

The plugin is disabled after installation. It can be enabled providing -Dpermissive-script-security.enabled=true property to Jenkins master JVM or running following groovy script org.jenkinsci.plugins.permissivescriptsecurity.PermissiveWhitelist.enabled=true. Note that combination filters from Matrix Project plugin are evaluated at Jenkins boot time so it needs to be enabled via property for affected jobs to load successfully.