From 390d82fc090deb9f68ffcb7009a5b87a0af25d80 Mon Sep 17 00:00:00 2001
From: Jeremy Stanley
Date: Sat, 7 Nov 2015 03:07:42 +0000
Subject: [PATCH] Update cli-shutdown.groovy for license grant

Use the latest copy of cli-shutdown.groovy which includes a license grant and some code comments.

Change-Id: I2f126e5a67d557c363e2a722532a9240a43d8c51
---
 files/cli-shutdown.groovy | 33 +++++++++++++++++++++++++++++++--
 1 file changed, 31 insertions(+), 2 deletions(-)

diff --git a/files/cli-shutdown.groovy b/files/cli-shutdown.groovy
index 23bb689..719df7f 100644
--- a/files/cli-shutdown.groovy
+++ b/files/cli-shutdown.groovy
@@ -1,13 +1,42 @@ -# taken directly from https://github.com/jenkinsci-cert/SECURITY-218 -# https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli +/* +======================================================================= +Taken directly from https://github.com/jenkinsci-cert/SECURITY-218 +See https://jenkins-ci.org/content + /mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli +======================================================================= + +The MIT License + +Copyright (c) 2015, Kohsuke Kawaguchi + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. +*/ import jenkins.*; import jenkins.model.*; +// disabled CLI access over TCP listener (separate port) def p = AgentProtocol.all() p.each { x -> if (x.name.contains("CLI")) p.remove(x) } +// disable CLI access over /cli URL def j = Jenkins.instance; j.actions.each { x -> if (x.getClass().name.contains("CLIAction")) j.actions.remove(x) }
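Review bot: Neither loop reports what it removed, so a run where nothing matches `contains("CLI")` or `contains("CLIAction")` looks the same as a successful one, and the two new comments state the intent without saying how to confirm it. The removals also appear to change only the in-memory state of the running instance, so the header comment should say the script has to run again after every restart; the page does not show how the file is deployed, so this is worth confirming. A log line in each branch, for example `if (x.name.contains("CLI")) { p.remove(x); println "removed agent protocol ${x.name}" }`, would give operators something to check after startup. Because the header says the file is taken directly from upstream, recording the revision it was copied from (`// upstream commit: <UPSTREAM_COMMIT_ID>`) would let a later reviewer confirm the copy is unmodified.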