CIFS-Publisher prints password in cleartext in log and settings file

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Major
    • Component/s: cifs-plugin
    • None
    • Environment:
      Hudson 1.395
      CIFS-Publisher Plugin 1.1.12
      Windows XP SP3 Host

      See HUDSON-8720 for the original issue before the move to Jenkins.

      The password for the share appears in cleartext in hudson.out.log (I believe it happens when saving the system configuration) and in com.slide.hudson.plugins.CIFSPublisher.xml.

      The password should never be stored/displayed or it should be stored encrypted or as a hash.

            Assignee:
            Alex Earl
            Reporter:
            Darth Vader
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: