Uploaded image for project: 'Continuum'
  1. Continuum
  2. CONTINUUM-1741

release.properties file containing scm credentials in plain text is visible through the Web UI

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.1
    • 1.2
    • Web - UI
    • None
    • Patch

    Description

      This is definitely a security hole. As a quickfix, the release.properties file can be hidden in the web ui until a more elegant solution in maven release is done.

      Attachments

        Issue Links

          relates to

          Improvement - An improvement or enhancement to an existing feature or task. CONTINUUM-2202 Do not show subversion password in plain text

          • Major - Major loss of function.
          • Closed

          Improvement - An improvement or enhancement to an existing feature or task. MRELEASE-340 Don't store the scm password in plaintext in release.properties

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              olamy Olivier Lamy
              nramirez Nap Ramirez
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: