Bamboo 2.1 : Bamboo Security Advisory 2008-02-08 (Bamboo 2.0 Beta)
This page last changed on Oct 16, 2008 by alui.
In this advisory: Bamboo 2.0 Beta Security ConsiderationsRisk AssessmentThe Bamboo 2.0 Beta does not include the security features that will be present in the final released product. Please note the following security implications when enabling Bamboo's remote agent functionality:
We strongly recommend that you do not enable remote agent installation on any Bamboo instance accessible from a public or untrusted network. Creating remote agents is disabled by default. VulnerabilityAn unauthorised party could steal sensitive data passing between the Bamboo server and agents or run malicious code on your agents, as described in the 'Risk Assessment' section. FixThese are limitations of the beta release only and will be addressed before the final released product. |
![]() |
Document generated by Confluence on Mar 02, 2009 18:51 |