![]() |
|
|
|
|
Issue Type:
|
![Bug]() Bug
|
|
Assignee:
|
stephenconnolly
|
|
Components:
|
credentials-plugin |
|
Created:
|
12/Feb/15 7:51 PM
|
|
Description:
|
The credentials.xml file holds a plaintext copy of the credentials stored via Jenkins. On a fresh install of Jenkins, this file has world readable permissions by default:
$ ls -l /var/lib/jenkins/credentials.xml
rw-rr- 1 jenkins jenkins 2863 Feb 12 19:00 /var/lib/jenkins/credentials.xml
It should have at least group readable permissions only.
|
|
Environment:
|
Credentials plugin version 1.22 on Jenkins 1.580.3 on ubuntu 14.04 LTS
|
|
Project:
|
Jenkins
|
|
Priority:
|
![Major]() Major
|
|
Reporter:
|
William Hutson
|
|
|
|
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators.
For more information on JIRA, see: http://www.atlassian.com/software/jira
|
--
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
[email protected].
For more options, visit
https://groups.google.com/d/optout.
