mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
Place retry file in the user's home dir instead of /var/lib/tmp
Addresses CVE-2013-4260: predictable filename used for failed results in world writable directory.
This commit is contained in:
parent
6bf5d19506
commit
ed3e4aff84
1 changed files with 1 additions and 7 deletions
|
@ -477,13 +477,7 @@ class PlayBook(object):
|
||||||
basedir = self.inventory.basedir()
|
basedir = self.inventory.basedir()
|
||||||
filename = "%s.retry" % os.path.basename(self.filename)
|
filename = "%s.retry" % os.path.basename(self.filename)
|
||||||
filename = filename.replace(".yml","")
|
filename = filename.replace(".yml","")
|
||||||
|
filename = os.path.join(os.path.expandvars('$HOME/'), filename)
|
||||||
if not os.path.exists('/var/tmp/ansible'):
|
|
||||||
try:
|
|
||||||
os.makedirs('/var/tmp/ansible')
|
|
||||||
except:
|
|
||||||
pass
|
|
||||||
filename = os.path.join('/var/tmp/ansible', filename)
|
|
||||||
|
|
||||||
try:
|
try:
|
||||||
fd = open(filename, 'w')
|
fd = open(filename, 'w')
|
||||||
|
|
Loading…
Reference in a new issue