Julien R. created JENKINS-13706: ----------------------------------- Summary: Config stored jabber credential in clear text Key: JENKINS-13706 URL: https://issues.jenkins-ci.org/browse/JENKINS-13706 Project: Jenkins Issue Type: Bug Components: jabber Affects Versions: current Reporter: Julien R. Assignee: kutzi Priority: Minor
If you open hudson.plugins.jabber.im.transport.JabberPublisher.xml you will notice that the jabber password is stored in cleartext : {code:xml} <hudson.plugins.jabber.im.transport.JabberPublisherDescriptor> [...] <hudsonPassword>Protext_the_innocent</hudsonPassword> {code} Other components (ldap bind password, svn) have a hash mechanism as far as I can see, not sure if there is a common library to use but it would be a nice addition. Thank you ! -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira