Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-54538

Ability to save unmasked credentials to file

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      It looks like saving password variable from withCredentials using writeFile doesn't mask the password. I consider this to be a security vulnerability.

        Attachments

          Issue Links

            Activity

            Hide
            t0mmili Tomasz Fijarczyk added a comment -

            Make sens, can't believe I missed the obvious

            Show
            t0mmili Tomasz Fijarczyk added a comment - Make sens, can't believe I missed the obvious
            Hide
            kon Kalle Niemitalo added a comment -

            https://jenkins.io/doc/pipeline/steps/credentials-binding/ says this is by design: "The masking could of course be trivially circumvented; anyone permitted to configure a job or define Pipeline steps is assumed to be trusted to use any credentials in scope however they like."

            Show
            kon Kalle Niemitalo added a comment - https://jenkins.io/doc/pipeline/steps/credentials-binding/ says this is by design: "The masking could of course be trivially circumvented; anyone permitted to configure a job or define Pipeline steps is assumed to be trusted to use any credentials in scope however they like."

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              t0mmili Tomasz Fijarczyk
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: