Issue Type: Bug
Assignee: Unassigned
Components: build-pipeline
Created: 17/Apr/14 3:11 PM
Description:

Since MyUserIdCause.user is not transient, the entire User object is serialized to a build record as per $JENKINS_HOME/users/*/config.xml, including dangerous things like a customized API token and credentials.

And the class is not static, so it serializes a reference to the BuildPipelineView mentioning it.

Example:

<?xml version='1.0' encoding='UTF-8'?>
<build>
  <actions>
    ...
    <hudson.model.CauseAction>
      <causes>
        <au.com.centrumsystems.hudson.plugin.buildpipeline.BuildPipelineView_-MyUserIdCause plugin="build-pipeline-plugin@1.3.3">
          <userId>per...@somewhere.com</userId>
          <user>
            <fullName>Some Person</fullName>
            <properties>
              <jenkins.security.ApiTokenProperty>
                <apiToken>OOPS!</apiToken>
              </jenkins.security.ApiTokenProperty>
              <com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty plugin="credentials@1.9.3">
                <domainCredentialsMap class="hudson.util.CopyOnWriteMap$Hash">
                  <entry>
                    ...
                  </entry>
                </domainCredentialsMap>
              </com.cloudbees.plugins.credentials.UserCredentialsProvider_-UserCredentialsProperty>
              <hudson.model.MyViewsProperty>
                <views>
                  ...
                </views>
              </hudson.model.MyViewsProperty>
              <hudson.plugins.openid.OpenIdUserProperty plugin="openid@2.3">
                <identifiers>
                  <string>OOPS!</string>
                </identifiers>
              </hudson.plugins.openid.OpenIdUserProperty>
              ...
            </properties>
          </user>
          <outer-class reference="../user/properties/hudson.model.MyViewsProperty/views/au.com.centrumsystems.hudson.plugin.buildpipeline.BuildPipelineView[10]"/>
        </au.com.centrumsystems.hudson.plugin.buildpipeline.BuildPipelineView_-MyUserIdCause>
      </causes>
    </hudson.model.CauseAction>
    ...
  </actions>
  ...
</build>

A Cause must be a static class with a small serial form. In this case you need only a String userId field; use User.get to retrieve the live object on demand.

(Or just use the standard UserIdCause. It is not clear why you felt the need to subclass that.)

Project: Jenkins
Labels: security
Priority: Critical
Reporter: Jesse Glick
This message is automatically generated by JIRA.
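The fix the report asks for, as an added example that is not the Build Pipeline plugin's own code: the non-static inner class with a live User field (the pattern reported above) beside a static nested Cause whose only persisted state is the user id, with User resolved on demand. The package, the class names and the enclosing ExampleView are hypothetical; the three-argument User.get overload (id, create flag, context map) is assumed to be available in the Jenkins core the plugin builds against, and the report itself only names User.get.

```java
// Added example, not the plugin's code. Package and class names are hypothetical.
package example.buildpipeline;

import hudson.model.Cause;
import hudson.model.User;

import java.util.Collections;
import java.util.Objects;

public class ExampleView { // stands in for BuildPipelineView; not a real View subclass

    // BEFORE: the shape the report describes. Non-static, so XStream writes an
    // <outer-class> reference to the enclosing view, and the non-transient User field
    // pulls everything from users/*/config.xml (API token, credentials, OpenID ids)
    // into the build record.
    public class LeakyUserIdCause extends Cause {
        private final String userId;
        private final User user; // serialized in full: the problem

        public LeakyUserIdCause(User user) {
            this.userId = user.getId();
            this.user = user;
        }

        @Override
        public String getShortDescription() {
            return "Started by user " + user.getFullName();
        }
    }

    // AFTER: static nested class with a small serial form. The build record then
    // contains only <userId>...</userId> and no reference to the view.
    public static class SafeUserIdCause extends Cause {
        private final String userId;

        public SafeUserIdCause(String userId) {
            this.userId = userId;
        }

        public String getUserId() {
            return userId;
        }

        // Look the live User up lazily. create=false so that merely loading an old
        // build never creates a user record for an id that no longer exists.
        // (Assumed overload: User.get(String, boolean, Map).)
        public User getUser() {
            return userId == null ? null : User.get(userId, false, Collections.emptyMap());
        }

        @Override
        public String getShortDescription() {
            User u = getUser();
            return "Started by user " + (u != null ? u.getFullName() : userId);
        }

        // Identity is the id alone, so CauseAction can de-duplicate repeated triggers.
        @Override
        public boolean equals(Object o) {
            return o instanceof SafeUserIdCause
                    && Objects.equals(userId, ((SafeUserIdCause) o).userId);
        }

        @Override
        public int hashCode() {
            return Objects.hashCode(userId);
        }
    }
}
```

Marking the User field transient would also keep it out of the XML, but a transient field is null after the build is loaded from disk, so the id-plus-lookup form above is what actually works across restarts. Where no extra behaviour is needed, the standard hudson.model.Cause.UserIdCause already has exactly this shape and can be used directly, as the report suggests.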