ansible

Author SHA1 Message Date

Author	SHA1	Message	Date
Rick Elrod	6e3271aa61	[stable-2.10] Revert default mode changes (#71260 ) * Revert "[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)" (#71236)" This reverts commit `c968020d52`. * Revert "Remove porting guide entry related to reverted change (#71242)" This reverts commit `006a21eae2`.	2020-08-13 12:17:47 -05:00
Sam Doran	c968020d52	[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221 ) (#70824 )" (#71236 ) * [stable-2.10] Revert "Fix warning for new default permissions when mode is not specified (#70976) (#70985)" This reverts commit `5cb96087e6`. * [stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)" This reverts commit `7e4cffc5d2`.	2020-08-12 14:30:47 -05:00
Sam Doran	5cb96087e6	Fix warning for new default permissions when mode is not specified (#70976 ) (#70985 ) Follow up to #70221 Related to #67794 CVE-2020-1736 When set_mode_if_different() is called with mode of 'None', ensure we issue a warning about the change in default permissions. Add integration tests to ensure the warning works properly. * Fix tests - actually use custom module 🤦‍♂️ - verify file permission on created files - use remote_tmp_dir so we're ready for split controller - improve test module so we can skip the call to set_fs_attributes_if_different() - fix tests for CentOS 6 (cherry picked from commit `dc79528cc6`)	2020-07-30 10:10:23 -07:00

Rick Elrod

6e3271aa61

[stable-2.10] Revert default mode changes (#71260 )

* Revert "[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)" (#71236)"

This reverts commit c968020d52.

* Revert "Remove porting guide entry related to reverted change (#71242)"

This reverts commit 006a21eae2.

2020-08-13 12:17:47 -05:00

Sam Doran

c968020d52

[stable-2.10] Revert "Change default file permissions so they are not world readable (#70221 ) (#70824 )" (#71236 )

* [stable-2.10] Revert "Fix warning for new default permissions when mode is not specified (#70976) (#70985)"

This reverts commit 5cb96087e6.

* [stable-2.10] Revert "Change default file permissions so they are not world readable (#70221) (#70824)"

This reverts commit 7e4cffc5d2.

2020-08-12 14:30:47 -05:00

Sam Doran

5cb96087e6

Fix warning for new default permissions when mode is not specified (#70976 ) (#70985 )

Follow up to #70221
Related to #67794
CVE-2020-1736

When set_mode_if_different() is called with mode of 'None', ensure we issue
a warning about the change in default permissions.

Add integration tests to ensure the warning works properly.

* Fix tests
- actually use custom module 🤦‍♂️
- verify file permission on created files
- use remote_tmp_dir so we're ready for split controller
- improve test module so we can skip the call to set_fs_attributes_if_different()
- fix tests for CentOS 6

(cherry picked from commit dc79528cc6)

2020-07-30 10:10:23 -07:00

3 commits