Credentials metadata leaks

XMLWordPrintable

      doFillCredentialsIdItems in DockerBuilderNewTemplate, DockerBuilderControlOptionRun, DockerTemplate should do some kind of security check, probably

      if (!Jenkins.getInstance().hasPermission(Jenkins.ADMINISTER)) {
    return new ListBoxModel();
}

      (or something more specific if you have it) lest they expose credentials IDs and descriptions to anonymous users.

            Assignee:
            Nicolas De Loof
            Reporter:
            Jesse Glick
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: