Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-73305

.ssh directory created with default permissions

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • git-client-plugin
    • None

      https://github.com/jenkinsci/git-client-plugin/pull/1127#discussion_r1622367609 reveals that the git-client plugin creates the users ~/.ssh directory with default permissions.

      Depending on the umask of the user this can result in insecure permissions of the directory.

      This is not a security issue as SSH performs checks of the files it uses and their parent directories and will refuse to utilise a file if it is deemed insecure.

      However creating the directory without restriction is bad and if any job would attempt to use any of the native `ssh` command line(s) later it could fail due to the incorrect settings.

      As there is no valid reason to not apply the recomended restrictions to the folder the plugin should create the directory appropriately when the file system is one supporting Posix based permissions.   

            markewaite Mark Waite
            teilo James Nord
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: