Skip to content
Permalink
Browse files Browse the repository at this point in the history
[FIXED SECURITY-73] Require RUN_SCRIPTS for /heapDump.
  • Loading branch information
jglick committed Feb 11, 2014
1 parent ac8e17b commit 0530a66
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion core/src/main/java/hudson/util/RemotingDiagnostics.java
Expand Up @@ -202,7 +202,7 @@ public void doIndex(StaplerResponse rsp) throws IOException {

@WebMethod(name="heapdump.hprof")
public void doHeapDump(StaplerRequest req, StaplerResponse rsp) throws IOException, InterruptedException {
owner.checkPermission(Jenkins.ADMINISTER);
owner.checkPermission(Jenkins.RUN_SCRIPTS);
rsp.setContentType("application/octet-stream");

FilePath dump = obtain();
Expand Down

2 comments on commit 0530a66

@daniel-beck
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jglick
Copy link
Member Author

@jglick jglick commented on 0530a66 Feb 17, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please sign in to comment.