Merge pull request #11764 from lpirl/devel_v2

fixes remote code execution for su/sudo with strict remote umasks
2026-05-06 13:22:48 +00:00 · 2015-08-11 22:30:44 -04:00
parent 38eb53de1d d9aa14feea
commit e0b074000e
2 changed files with 8 additions and 3 deletions
--- a/lib/ansible/plugins/shell/sh.py
+++ b/lib/ansible/plugins/shell/sh.py
@@ -65,9 +65,14 @@ class ShellModule(object):
        if system and (basetmp.startswith('$HOME') or basetmp.startswith('~/')):
            basetmp = self.join_path('/tmp', basefile)
        cmd = 'mkdir -p "%s"' % basetmp
-        if mode:
-            cmd += ' && chmod %s "%s"' % (mode, basetmp)
        cmd += ' && echo "%s"' % basetmp
+
+        # change the umask in a subshell to achieve the desired mode
+        # also for directories created with `mkdir -p`
+        if mode:
+            tmp_umask = 0777 & ~mode
+            cmd = '(umask %o && %s)' % (tmp_umask, cmd)
+
        return cmd

    def expand_user(self, user_home_path):