ansible/examples
James Cammarata ed56f51f18 Fixing security issue with lookup returns not tainting the jinja2 environment
CVE-2017-7481

Lookup returns wrap the result in unsafe, however when used through the
standard templar engine, this does not result in the jinja2 environment being
marked as unsafe as a whole. This means the lookup result looses the unsafe
protection and may become simple unicode strings, which can result in bad
things being re-templated.

This also adds a global lookup param and cfg options for lookups to allow
unsafe returns, so users can force the previous (insecure) behavior.
2017-05-08 12:43:46 -05:00
..
playbooks
scripts ConfigureRemotingForAnsible: RSA 1024 to RSA 4096 (#23684) 2017-04-19 13:21:25 +02:00
ansible.cfg Fixing security issue with lookup returns not tainting the jinja2 environment 2017-05-08 12:43:46 -05:00
DOCUMENTATION.yml Link to module developing_modules_documenting.html 2017-04-03 17:17:12 +01:00
hosts
hosts.yaml updated better yaml host examples 2017-03-08 14:51:52 -05:00
hosts.yml linked cause people forget yaml and yml exist 2016-09-08 14:18:10 -04:00