# jenkins_user creates user with blank password by default #567
## Comments

For what it's worth, I'm currently using this to prevent anyone (including myself ;)) logging in with the chef run user:

```ruby
require 'securerandom'

# Create the Jenkins user with the public key
jenkins_user 'chef' do
  public_keys [public_key]
  password SecureRandom.uuid
end
```
Cookbook version: 4.2.1

Chef-client version: 12.18.31

Platform Details: CentOS Linux release 7.3.1611 (core) (AWS EC2 instance)
Scenario:

When `jenkins_user` is used to create a user account, by default it creates one with a password set to `""`, which means anybody can use it to log in to Jenkins without supplying a password. It appears there is a `password` resource attribute which can be used to set the password, but it is completely undocumented so nobody would know to use it, and if not supplied, it defaults to being wide open.

This is actually made even worse because under "Caveats" in the README, it actually recommends using the following to set up an authenticated user for Chef to use, which, if used as directed, makes the 'chef' user able to be logged into by anybody without a password, completely undermining the security of the system:
If the `password` attribute is not specified in a `jenkins_user` resource, ideally the user account should be set such that the ability to log in via password is completely disabled.

(As a side note, it would also be nice if there was some way to specify the password as an already-hashed value, such that it could be supplied to the resource without having to be stored in cleartext in Chef. If this were implemented, it might also be possible to implement the no-password state by just defaulting to an invalid hash for the pre-hashed value.)
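As an added example (not code from the cookbook or from either participant in this issue), the helper below makes the blank-password default described above harder to hit: it generates a random password whenever a recipe omits one, following the `SecureRandom` workaround from the comment, and it audits a list of user definitions for accounts that would be created wide open. `jenkins_user`, `public_keys` and `password` are the cookbook's names; `safe_jenkins_user_attrs` and `blank_password_users` are hypothetical helpers written for this example.

```ruby
# Added example, not part of the jenkins cookbook or this issue's original
# text. The helpers below are hypothetical; only the jenkins_user resource and
# its public_keys/password attributes come from the cookbook.
require 'securerandom'

# Build the attribute hash a recipe would pass to jenkins_user. A nil or empty
# password is replaced with a random one so the account can never be created
# with the wide-open "" default reported for cookbook version 4.2.1.
def safe_jenkins_user_attrs(name, public_keys: [], password: nil)
  raise ArgumentError, 'user name must not be blank' if name.to_s.strip.empty?

  pw = password.to_s.empty? ? SecureRandom.hex(32) : password
  { name: name, public_keys: Array(public_keys), password: pw }
end

# Audit a list of user attribute hashes (as a recipe might assemble them) and
# return the names whose password is missing or empty, i.e. the accounts that
# would be loggable-in without a password if passed to jenkins_user as-is.
def blank_password_users(users)
  users.select { |u| u[:password].to_s.empty? }.map { |u| u[:name] }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input: one hardened user and one relying on the default.
  users = [
    safe_jenkins_user_attrs('chef', public_keys: ['ssh-rsa AAAA...constructed chef@example']),
    { name: 'legacy', public_keys: [], password: nil }
  ]
  # In a recipe, each hash would feed a jenkins_user block:
  #   jenkins_user u[:name] do
  #     public_keys u[:public_keys]
  #     password    u[:password]
  #   end
  puts "Users that would be created with a blank password: #{blank_password_users(users).inspect}"
end
```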