internet/community.general
3
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2026-05-08 14:22:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fixes remote code execution for su/sudo and strict remote umasks

Browse Source 
* temporarily changes umask for creating temporary directories
    * otherwise parent directories may not get chmod'ed and end up
      unreadable
refs #9902
This commit is contained in:
Lukas Pirl
2015-07-28 19:24:23 +12:00
parent e505a1b7c4
commit d9aa14feea
2 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/ansible/plugins/action/__init__.py
View File

@@ -144,7 +144,7 @@ class ActionBase:
tmp_mode = None
if self._play_context.remote_user != 'root' or self._play_context.become and self._play_context.become_user != 'root':
tmp_mode = 'a+rx'
tmp_mode = 0755
cmd = self._connection._shell.mkdtemp(basefile, use_system_tmp, tmp_mode)
self._display.debug("executing _low_level_execute_command to create the tmp path")