[JENKINS-26570] turn on "Mask passwords" to all jobs

Type: Improvement
Resolution: Unresolved
Priority: Minor
Component/s: mask-passwords-plugin
Labels:
- security

Similar Issues:
Powered by SuggestiMate

Show

Now it's possible to turn on "mask passwords" in each job separately. It could be good to turn it on globally so it wouldn't be possible to turn it of if you don't have administrator privileges.

e.g. I have properties file which contains password. It's possible to create job which do cat on this file. For now only solution is to fully remove others to configure and create new jobs.

Vitor Dantas added a comment - 2016-04-10 14:52

Same issue here.

We would like to have some globally defined passwords to be used in jobs e.g. to deploy to a jboss instance. Those passwords should not be available to all jenkins users.

However, as it turns out today, any user that can configure jobs might uncheck the option to mask passwords and then proceed to execute the job and read the password in plain text on the output log. For me this is a major blocker in security.

Vitor Dantas added a comment - 2016-04-10 14:52 Same issue here. We would like to have some globally defined passwords to be used in jobs e.g. to deploy to a jboss instance. Those passwords should not be available to all jenkins users. However, as it turns out today, any user that can configure jobs might uncheck the option to mask passwords and then proceed to execute the job and read the password in plain text on the output log. For me this is a major blocker in security.

Assignee:: Daniel Petisme

Reporter:: Maris Zulis

Votes:: 2 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2015-01-23 14:10

Updated:: 2016-04-10 14:52

Jenkins

Details

Description

Attachments

Activity

Collapse comment: Vitor Dantas added a comment - 2016-04-10 14:52

Expand comment: Vitor Dantas added a comment - 2016-04-10 14:52

People

Dates