[JIRA] (JENKINS-15915) Password Parameter should not be stored (on disk)

[gregory.boissi...@gmail.com (JIRA)]

Gregory Boissinot
 updated  JENKINS-15915


Password Parameter should not be stored (on disk)
















Change By:


Gregory Boissinot
(25/Dec/12 7:57 PM)




Component/s:


mask-passwords



























This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira

[JIRA] (JENKINS-15915) Password Parameter should not be stored (on disk)

[t.lehm...@strato-rz.de (JIRA)]

Thomas Lehmann
 created  JENKINS-15915


Password Parameter should not be stored (on disk)















Issue Type:


Bug



Affects Versions:


current



Assignee:


Unassigned


Components:


parameters



Created:


25/Nov/12 10:32 AM



Description:


The Mask Passwords Plugin helps masking the password in Jenkins' GUI. 

Unfortunately the passwords are already stored clear text on disk.

They should not be stored. Storing them symmetrically encrypted is not necessary too, I think, as they are/should only used one time.




Environment:


Debian Linux Stable, Jenkins 1.462, Sun JDK 1.7




Project:


Jenkins



Labels:


parameter
security
password
cleartext
disk
unencrypted
stored




Priority:


Critical



Reporter:


Thomas Lehmann

























This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira