Jenkins warns of security holes in these 25 plugins

karlkarl

We always predicted that Jenkins was going to be a constant security hazard.

We allow ours to only listen on localhost and then port forward 8080 through an SSH tunnel as needed. Likewise it uses an SSH tunnel to the SVN, Git and Perforce hosts so it can poll/pull updates. For all intents and purposes it is "offline".

Though for some of our smaller projects we actually just prefer some ratty shell scripts scanning git repos and if a change is detected, doing a build and calling "make" in them. I feel most people can get away with just that.
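The setup the comment describes, written out as an added example that is not karlkarl's script or anything from Jenkins: a POSIX sh poller that records the last-built revision, only advances it when the build succeeds, and a small defender-side check that the build server really is bound to loopback only. The helper names (`current_revision`, `build_if_changed`, `is_loopback_only`, `poll_loop`) are my own; it assumes `git`, `make` and `awk` on PATH, and the sample `ss -ltn` listing is constructed for the check, not captured from a real host.

```shell
#!/bin/sh
# Added example, not code from the original comment. Assumes POSIX sh, git and make.
#
# Jenkins side of the same idea (for reference, not run here):
#   java -jar jenkins.war --httpListenAddress=127.0.0.1 --httpPort=8080
#   ssh -L 8080:127.0.0.1:8080 build-host      # reach the UI through the tunnel

# Tip revision of a repository's default branch. Hypothetical helper built on
# `git ls-remote`, which works over an ssh:// remote (i.e. through a tunnel).
# Tests can redefine this function to avoid any network access.
current_revision() {
    git ls-remote --quiet "$1" HEAD | cut -f1
}

# build_if_changed REPO STATE_FILE BUILD_CMD
# Runs BUILD_CMD when the current revision differs from the one recorded in
# STATE_FILE (or on the first run). The revision is recorded only after a
# successful build, so a failed build is retried on the next poll.
# Returns 0 = built OK, 1 = nothing to do, 2 = lookup or build failed.
build_if_changed() {
    repo=$1; state=$2; build_cmd=$3
    new=$(current_revision "$repo") || return 2
    [ -n "$new" ] || return 2
    old=""
    if [ -f "$state" ]; then old=$(cat "$state"); fi
    if [ "$new" = "$old" ]; then
        return 1
    fi
    if sh -c "$build_cmd"; then
        # write-then-rename so a crash mid-write cannot leave a torn state file
        printf '%s\n' "$new" > "$state.tmp" && mv "$state.tmp" "$state"
        return 0
    fi
    return 2
}

# poll_loop REPO STATE_FILE BUILD_CMD INTERVAL_SECONDS
# The "ratty script" loop itself; run under cron or a service manager instead
# if one attempt per tick is preferred.
poll_loop() {
    while :; do
        build_if_changed "$1" "$2" "$3"
        sleep "$4"
    done
}

# Constructed sample of `ss -ltn` output. Port 8080 is bound to 127.0.0.1 but
# also to the IPv6 wildcard [::], which is the classic "localhost only" mistake.
SAMPLE_SS_LISTING='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       50      127.0.0.1:8080      0.0.0.0:*
LISTEN  0       50      [::]:8080           [::]:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       10      [::1]:9000          [::]:*'

# is_loopback_only PORT LISTING
# Returns 0 if every LISTEN socket on PORT in LISTING (text of `ss -ltn`) is
# bound to a loopback address, 1 if any listener on PORT is reachable from
# other hosts. Column 4 is Local Address:Port; the port is after the last colon.
is_loopback_only() {
    port=$1; listing=$2
    printf '%s\n' "$listing" | awk -v port="$port" '
        $1 == "LISTEN" {
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr !~ /^127\./ && addr != "[::1]") bad += 1
        }
        END { exit (bad > 0) }'
}

# Typical use:
#   poll_loop ssh://git@localhost:2222/srv/repo.git /var/tmp/repo.rev "make -C /srv/checkout" 60
#   is_loopback_only 8080 "$(ss -ltn)" || echo "Jenkins is not loopback-only"
```

The state file is the only memory the poller needs, and because it is updated only on success a broken build keeps being retried rather than silently skipped. The listener check is worth running after every Jenkins upgrade or config change, since a dual-stack host bound to `[::]` is reachable over IPv6 even when the IPv4 side is loopback-only.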
