Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-23447

Sensitive build variables recorded in EnvInjectSavable and displayed in EnvInjectAction

    XMLWordPrintable

Details

    Description

      If you have a BuildWrapper which overrides makeSensitiveBuildVariables to specify that its additions are to be considered secret, then add an EnvInjectBuilder which adds some unrelated variables, injectedEnvVars.txt includes the sensitive variables (in plaintext) and /job/.../.../injectedEnvVars/ shows them as well.

      Attachments

        Issue Links

          is blocking

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-23630 Update to new environment variable APIs

          • Major - Major loss of function.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-12423 Password masked by Mask Passwords are visible when using envinject plugin

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-4428 MavenProbeAction exposes password parameters

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-24287 EnvInject exposes password hashes

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Activity

            Ascending order - Click to sort in descending order
            jglick Jesse Glick created issue -
            jglick Jesse Glick made changes -
            Field Original Value New Value
            Link This issue is blocking JENKINS-23630 [ JENKINS-23630 ]
            jglick Jesse Glick made changes -
            Link This issue is related to JENKINS-24287 [ JENKINS-24287 ]
            jglick Jesse Glick made changes -
            Link This issue is related to JENKINS-4428 [ JENKINS-4428 ]
            schristou Steven Christou made changes -
            Assignee Gregory Boissinot [ gbois ] Nicolas De Loof [ ndeloof ]
            Resolution Fixed [ 1 ]
            Status Open [ 1 ] Resolved [ 5 ]
            oleg_nenashev Oleg Nenashev made changes -
            Link This issue is related to JENKINS-27363 [ JENKINS-27363 ]
            oleg_nenashev Oleg Nenashev made changes -
            Link This issue is related to JENKINS-27363 [ JENKINS-27363 ]
            jglick Jesse Glick made changes -
            Link This issue is related to JENKINS-12423 [ JENKINS-12423 ]
            rtyler R. Tyler Croy made changes -
            Workflow JNJira [ 156075 ] JNJira + In-Review [ 195334 ]

            People

              ndeloof Nicolas De Loof
              jglick Jesse Glick
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: