Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-2381

Passwords should not be stored in a decodable form

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Critical
    • _unsorted
    • None
    • Platform: Macintosh, OS: All

    Description

      When using Hudson's own user database, passwords are stored in base 64. The problem is that
      someone who has access to the user configuration files would be able to easily decode these
      passwords. This in turn can lead to other security problems, if users aren't smart about using different
      passwords for different services.

      Further, the fact that passwords are currently reversible means that checking Hudson configurations
      into source code control, or otherwise backing them up is potentially dangerous from a security
      perspective.

      A better approach would be to store a non-reversible digest (like SHA256) of the password in the user
      configuration file. To validate a password, the Hudson application would digest the password specified
      by the user at login and compare it to the digest stored. If they are equal, then the user is
      authenticated.

      Apparently Hudson uses Acegi Security to implement password authentication. According to the Acegi
      site, they support digest-based password encoders. Hudson should be changed to use SHA1 at a
      minimum (or a stronger digest, like SHA256, if possible), migrating older clear text passwords to new
      configuration files.

      Attachments

        Activity

          People

            mindless Alan Harder
            acronce acronce
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: