a9d2ceafe4
- also only replace when needed - switched from replace to index - added test to verify bogus_facts are not accepted CVE-2020-10684
12 lines
420 B
Bash
12 lines
420 B
Bash
#!/bin/sh
|
|
|
|
echo '{
|
|
"changed": false,
|
|
"ansible_facts": {
|
|
"ansible_facts": {
|
|
"discovered_interpreter_python": "(touch /tmp/pwned-$(date -Iseconds)-$(whoami) ) 2>/dev/null >/dev/null && /usr/bin/python",
|
|
"bogus_overwrite": "yes"
|
|
},
|
|
"dansible_iscovered_interpreter_python": "(touch /tmp/pwned-$(date -Iseconds)-$(whoami) ) 2>/dev/null >/dev/null && /usr/bin/python"
|
|
}
|
|
}'
|