Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61808

Always encrypt f:password values, not just those backed by Secret

    XMLWordPrintable

    Details

    • Similar Issues:
    • Released As:
      2.236

      Description

      Too many people get theĀ Secret getters wrong. What if we just always returned a Secret, and had a StringConverter to handle submitted secrets and transparently decrypt again?

      This would eliminate this class of problem. Only storage would really need to be done as Secret, but the internal API types wouldn't matter so much.

      Test cases need to include String typed encrypted secrets, and unmatched getter/setter types.

        Attachments

          Issue Links

            Activity

            danielbeck Daniel Beck created issue -
            danielbeck Daniel Beck made changes -
            Field Original Value New Value
            Status Open [ 1 ] In Progress [ 3 ]
            danielbeck Daniel Beck made changes -
            Link This issue is duplicated by SECURITY-1806 [ SECURITY-1806 ]
            jglick Jesse Glick made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            jglick Jesse Glick made changes -
            Remote Link This issue links to "jenkins #4630 (Web Link)" [ 24824 ]
            jglick Jesse Glick made changes -
            Link This issue causes JENKINS-62305 [ JENKINS-62305 ]
            jglick Jesse Glick made changes -
            Released As 2.236
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Resolved [ 5 ]
            jglick Jesse Glick made changes -
            Labels security
            dnusbaum Devin Nusbaum made changes -
            Link This issue causes JENKINS-63499 [ JENKINS-63499 ]
            dnusbaum Devin Nusbaum made changes -
            Link This issue causes JENKINS-63500 [ JENKINS-63500 ]
            dnusbaum Devin Nusbaum made changes -
            Link This issue causes JENKINS-63516 [ JENKINS-63516 ]

              People

              Assignee:
              danielbeck Daniel Beck
              Reporter:
              danielbeck Daniel Beck
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: