Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 357316

Summary: many hudson jobs have ROLE_CALISTO-DEV group authorized
Product: Community Reporter: David Williams <david_williams>
Component: CI-JenkinsAssignee: Eclipse Webmaster <webmaster>
Status: RESOLVED WORKSFORME QA Contact:
Severity: normal    
Priority: P3    
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Linux   
Whiteboard:

Description David Williams CLA 2011-09-10 20:13:49 EDT 
I just happened to notice, this "wst xml" job has the calisto-dev group authorized to make changes (and delete!) the job. 

Doubt this hurts anything and not it is too dangerous (calisto dev being a very trustworthy group :) ... but, seems king of inappropriate, likely just a left over from initial creation? 

I just happened to notice, while looking for examples of icons. 

I hope this bug report is helpful.
Comment 1 David Williams CLA 2011-09-10 20:20:12 EDT 
actually, as I look more, a great many hudson jobs have ROLE_CALISTO-DEV authorized. 

Some sweep through configs would seem appropriate, to me. 

To improve security, a little.
Comment 2 Eclipse Webmaster CLA 2011-09-12 14:14:09 EDT 
To the best of my knowledge these would have been added by the projects, Webmaster wouldn't add them by default(ok if we cloned a job that had these perms then technically 'we' set it).

Since we agree that committers are worthy of trust, I'm going to leave this as something the projects are free to keep or not. 

-M.