Jenkins puts the jenkins user's home to /Users/Shared/Jenkins by default. After we are setting up the Jenkins user correctly (making it admin, putting it into the Developer group: _xcs, changing password, allow it to login automatically, run as a LauchAgent, etc.).
Because it is in the Shared folder everyone has writing and reading permissions to this directory, not just Jenkins. (Correct me if I'm wrong: if we leave things by default and one day we enable File Sharing every user on the network will have Read & Write permissions to Jenkins's home.)
I don't believe it would be a great thing (everyone has access for the .ssh/ folder, so the private keys won't be private for long...), what are the recommendations for solving this possible issue?
Currently I set everyone to no access (750). Is it a good solution?
drwxr-x---+ 21 jenkins _xcs 714B Jun 15 11:20 Jenkins