If a job uses EnvInjectPasswordWrapper, the stream close command won't be propagated to upper loggers. It means that the files may stay in open state => potential file descriptor leaks.

The leaks may have a big impact if you try delete a job from a remote NFS storage. Plugins like Timestamper also multiply a number of unclosed files, hence there's a real risk of the open descriptors overflow.