ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-08-30 09:51:42 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Don't create world-readable module and tempfiles without explicit user permission

Browse source
This commit is contained in:
Toshio Kuratomi 2016-03-21 14:17:53 -07:00
commit 52e9209491
14 changed files with 217 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

8
examples/ansible.cfg
View file

@ -212,6 +212,14 @@
# prevents logging of tasks, but only on the targets, data is still logged on the master/controller
#no_target_syslog = False
# controls whether Ansible will raise an error or warning if a task has no
# choice but to create world readable temporary files to execute a module on
# the remote machine. This option is False by default for security. Users may
# turn this on to have behaviour more like Ansible prior to 2.1.x. See
# https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user
# for more secure ways to fix this than enabling this option.
#allow_world_readable_tmpfiles = False
# controls the compression level of variables sent to
# worker processes. At the default of 0, no compression
# is used. This value must be an integer from 0 to 9.