[JENKINS-30532] rebuild shuld not store last used password non-stored

Type: Bug
Resolution: Unresolved
Priority: Critical
Component/s: rebuild-plugin
Labels:
None

Similar Issues:
Powered by SuggestiMate

Show

It's very bad that non-stored password parameters are stored for future rebuild. That's not what user expect - i.e. non-stored password should not be stored anywhere no matter what. This is to have some basic password security.

Tuukka Mustonen added a comment - 2017-01-16 10:48

Justed bumped into this (on 1.25) and it's a huge security hole that should be patched asap.

As a workaround, I ended up disabling rebuilding from those jobs that ask password (via non-stored-password field).

Tuukka Mustonen added a comment - 2017-01-16 10:48 Justed bumped into this (on 1.25) and it's a huge security hole that should be patched asap. As a workaround, I ended up disabling rebuilding from those jobs that ask password (via non-stored-password field).

Assignee:: ragesh_nair

Reporter:: akostadinov

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2015-09-17 22:41

Updated:: 2017-01-16 10:48

Jenkins

Details

Description

Attachments

Activity

Collapse comment: Tuukka Mustonen added a comment - 2017-01-16 10:48

Expand comment: Tuukka Mustonen added a comment - 2017-01-16 10:48

People

Dates