-
Bug
-
Resolution: Fixed
-
Critical
-
None
Password parameters are stored as plain text in jobs' config and builds' history. They are accessible in:
- <job>/config.xml
- <job>/builds/<date>/build.xml
Cf. attached patches to fix that:
- PasswordParameterDefinition now inherits from SimpleParameterDefinition rather than StringParameterDefinition and uses a Secret to store the default password rather than a string.
- PasswordParameterValue now inherits from ParameterValue rather than StringParameterValue and uses Secret to store the password rather than a string.
- Backward compatibility kept.
Code changed in hudson
User: : kohsuke
Path:
trunk/hudson/main/core/src/main/java/hudson/model/PasswordParameterDefinition.java
trunk/hudson/main/core/src/main/java/hudson/model/PasswordParameterValue.java
trunk/www/changelog.html
http://jenkins-ci.org/commit/26736
Log:
[FIXED JENKINS-5420] in 1.344 Password parameter on the disk should be encrypted.