My recommended fix in response to #1093. This does not eliminate nor exclude the need for more generic pluggability, but it would at least address the security concern.
kohsuke committed Jan 19, 2014
1 parent 0c9d7db commit 22f2238
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions changelog.html
Expand Up @@ -55,6 +55,9 @@
<!-- Record your changes in the trunk here. -->
<div id="trunk" style="display:none"><!--=TRUNK-BEGIN=-->
<ul class=image>
<li class=bug>
Removing the "keep this build forever" lock on a build should require the DELETE permission.
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-16417">issue 16417</a>)
<li class=bug>
Files added to zip archive are closed properly.
(<a href="https://issues.jenkins-ci.org/browse/JENKINS-20345">issue 20345</a>)
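Review bot: the new changelog entry's wording, "should require the DELETE permission", reads as a request rather than a record of what changed, unlike the declarative entry below it ("Files added to zip archive are closed properly."). Consider "now requires the DELETE permission" so that readers of the release notes can tell the check is actually enforced in this release.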
2 changes: 1 addition & 1 deletion core/src/main/java/hudson/model/Run.java
Expand Up @@ -2086,7 +2086,7 @@ public final void keepLog() throws IOException {
}

public void keepLog(boolean newValue) throws IOException {
checkPermission(UPDATE);
checkPermission(newValue ? UPDATE : DELETE);
keepLog = newValue;
save();
}
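Review bot: the permission required by `keepLog(boolean)` now depends on the argument (`checkPermission(newValue ? UPDATE : DELETE)`), but nothing on the method documents that. Add a Javadoc comment stating that setting the lock needs UPDATE and clearing it needs DELETE, since callers and plugin authors cannot infer the asymmetry from the signature. The check also keys only on `newValue`, not on the current value of `keepLog`, so a `keepLog(false)` call on a build that is not locked still demands DELETE; that is harmless but worth a line in the same comment. A regression test in which a user holding UPDATE but not DELETE calls `keepLog(false)` and is rejected would pin the behaviour this change is meant to enforce.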

2 comments on commit 22f2238

@daniel-beck
Member

Should hide the button to un-keep forever as well. See change to logKeep.jelly in #1093.

@kohsuke
Member Author

Addressed in 02ab748