ansible-collections/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2025-06-19 06:40:21 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Don't create world-readable module and tempfiles without explicit user permission

Browse source
This commit is contained in:
Toshio Kuratomi 2016-03-21 14:17:53 -07:00
parent 0cabef19ad
commit 52e9209491
14 changed files with 217 additions and 78 deletions
Download patch file Download diff file Expand all files Collapse all files

1
lib/ansible/constants.py
View file

@ -165,6 +165,7 @@ DEFAULT_VAR_COMPRESSION_LEVEL = get_config(p, DEFAULTS, 'var_compression_level',
# disclosure
DEFAULT_NO_LOG = get_config(p, DEFAULTS, 'no_log', 'ANSIBLE_NO_LOG', False, boolean=True)
DEFAULT_NO_TARGET_SYSLOG = get_config(p, DEFAULTS, 'no_target_syslog', 'ANSIBLE_NO_TARGET_SYSLOG', False, boolean=True)
ALLOW_WORLD_READABLE_TMPFILES = get_config(p, DEFAULTS, 'allow_world_readable_tmpfiles', None, False, boolean=True)
# selinux
DEFAULT_SELINUX_SPECIAL_FS = get_config(p, 'selinux', 'special_context_filesystems', None, 'fuse, nfs, vboxsf, ramfs', islist=True)