1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

Place retry file in the user's home dir instead of /var/lib/tmp

Addresses CVE-2013-4260: predictable filename used for failed results
in world writable directory.
This commit is contained in:
James Cammarata 2013-08-20 12:22:48 -05:00
parent 6bf5d19506
commit ed3e4aff84

View file

@ -477,13 +477,7 @@ class PlayBook(object):
basedir = self.inventory.basedir() basedir = self.inventory.basedir()
filename = "%s.retry" % os.path.basename(self.filename) filename = "%s.retry" % os.path.basename(self.filename)
filename = filename.replace(".yml","") filename = filename.replace(".yml","")
filename = os.path.join(os.path.expandvars('$HOME/'), filename)
if not os.path.exists('/var/tmp/ansible'):
try:
os.makedirs('/var/tmp/ansible')
except:
pass
filename = os.path.join('/var/tmp/ansible', filename)
try: try:
fd = open(filename, 'w') fd = open(filename, 'w')