forums

I went through the cache directories in the server and noticed also slight security issue. Bamboo seems to register the repository path with username/password into the hgrc file in plain text (in the url) in the cache directory and the file permissions are such that it is readable by all. Not that the source code and builds itself might have something sensitive, but atleast I find it good to know that the username/password is not secure within the file system.