cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Document security concern for users setting the system_tmpdirs shell plugin config (#72213)

Browse source
This commit is contained in:
Toshio Kuratomi 2020-10-19 11:58:09 -07:00 committed by GitHub
parent be5fc4e642
commit 618d1a3871
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
lib/ansible/plugins/doc_fragments/shell_common.py
View file

@ -34,9 +34,11 @@ options:
version_added: "2.10" version_added: "2.10"
system_tmpdirs: system_tmpdirs:
description: description:
- "List of valid system temporary directories for Ansible to choose when it cannot use - "List of valid system temporary directories on the managed machine for Ansible to choose
``remote_tmp``, normally due to permission issues. These must be world readable, writable, when it cannot use ``remote_tmp``, normally due to permission issues. These must be world
and executable." readable, writable, and executable. This list should only contain directories which the
system administrator has pre-created with the proper ownership and permissions otherwise
security issues can arise."
default: [ /var/tmp, /tmp ] default: [ /var/tmp, /tmp ]
type: list type: list
env: [{name: ANSIBLE_SYSTEM_TMPDIRS}] env: [{name: ANSIBLE_SYSTEM_TMPDIRS}]