From faa2449f55eb023fecf8bb69d32874ea17161058 Mon Sep 17 00:00:00 2001 From: Nicolas Le Manchet Date: Wed, 11 Feb 2015 14:15:38 +0100 Subject: [PATCH] Set proper permissions for ansible-vault view --- lib/ansible/utils/vault.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/ansible/utils/vault.py b/lib/ansible/utils/vault.py index 3622b500b15..842688a2c18 100644 --- a/lib/ansible/utils/vault.py +++ b/lib/ansible/utils/vault.py @@ -281,8 +281,10 @@ class VaultEditor(object): tmpdata = self.read_data(self.filename) this_vault = VaultLib(self.password) dec_data = this_vault.decrypt(tmpdata) + old_umask = os.umask(0o077) _, tmp_path = tempfile.mkstemp() self.write_data(dec_data, tmp_path) + os.umask(old_umask) # drop the user into pager on the tmp file call(self._pager_shell_command(tmp_path))