On 23/06/11 6:19 PM, Casey Ransberger wrote:
> A friend of a friend passed along a valid concern today: Hudson/Jenkins can run arbitrary shell commands.

Yes, the configuration of a Hudson/Jenkins job allows shell commands. 
But, changing the job configuration normally requires a user login. To 
monitor build status and download build artifacts from the server, does 
NOT require any login.