-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
Platform: All, OS: All
The current implementations of Launcher.launch(...)
all print the command line verbatim to the log.
When the command line includes a password, this is not good.
A second Launcher.launch(...) method which would allow the caller to **** out
the info that goes to the log files to make password snooping more difficult
[JENKINS-911] Alternate Launcher.launch that hides passwords on command line
Resolution | New: Fixed [ 1 ] | |
Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Status | Original: Resolved [ 5 ] | New: Closed [ 6 ] |
Workflow | Original: JNJira [ 130984 ] | New: JNJira + In-Review [ 200277 ] |
It's a reasonable request but using passwords on command line arguments is
really insecure anyway — you still get to see them through /proc, pargs,
process explorer, etc.