Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 357316 - many hudson jobs have ROLE_CALISTO-DEV group authorized
Summary: many hudson jobs have ROLE_CALISTO-DEV group authorized
Status: RESOLVED WORKSFORME
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: CI-Jenkins (show other bugs)
Version: unspecified   Edit
Hardware: PC Linux
: P3 normal (vote)
Target Milestone: ---   Edit
Assignee: Eclipse Webmaster CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-09-10 20:13 EDT by David Williams CLA
Modified: 2011-09-12 14:14 EDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David Williams CLA 2011-09-10 20:13:49 EDT 
I just happened to notice, this "wst xml" job has the calisto-dev group authorized to make changes (and delete!) the job. 

Doubt this hurts anything and not it is too dangerous (calisto dev being a very trustworthy group :) ... but, seems king of inappropriate, likely just a left over from initial creation? 

I just happened to notice, while looking for examples of icons. 

I hope this bug report is helpful.
Comment 1 David Williams CLA 2011-09-10 20:20:12 EDT 
actually, as I look more, a great many hudson jobs have ROLE_CALISTO-DEV authorized. 

Some sweep through configs would seem appropriate, to me. 

To improve security, a little.
Comment 2 Eclipse Webmaster CLA 2011-09-12 14:14:09 EDT 
To the best of my knowledge these would have been added by the projects, Webmaster wouldn't add them by default(ok if we cloned a job that had these perms then technically 'we' set it).

Since we agree that committers are worthy of trust, I'm going to leave this as something the projects are free to keep or not. 

-M.