The best you can do is restrict the credentials in visibility. Have separate jobs using the credentials from others...
Lock permission to configure the jobs using credentials Etc I have some other thoughts which I may work on for making maven easier with the literate job type. On Wednesday 23 December 2015, Steffen Breitbach <steffen.breitb...@1und1.de> wrote: > Hi everyone! > > I've been agonising about this for quite some time now. However, I have > yet to find a solution for this. > > Is there a way to prevent malicious users from obtaining server passwords > from your Maven settings? > > If you use the Config File Provider plug in with the Credentials plug in, > you can add "help:effective-settings -DshowPasswords=true" and you will see > the passwords in clear text. > Even if you use Maven's security mechanism to encrypt passwords via the > settings-security.xml, you could e.g. add a build step that executes "cat > ~/.m2/settings-security.xml" (or hide something similar in your build > process). This way you'll have the crypted password and the > settings-security.xml and could still deploy unauthorized software to your > artifact repository. > > Is there any way to prevent this? > > Regards > Steffen > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to jenkinsci-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-users/567A72F4.9060303%401und1.de > . > For more options, visit https://groups.google.com/d/optout. > -- Sent from my phone -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/CA%2BnPnMxrF%2BqxESGWTz3O8%3DtUd%2BCxQG4yS78vfxpRfUhYGayYaw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
