Don't create world-readable module and tempfiles without explicit user permission

author: Toshio Kuratomi <toshio@fedoraproject.org> 2016-03-21 14:17:53 -0700
committer: Toshio Kuratomi <toshio@fedoraproject.org> 2016-03-23 09:52:19 -0700
commit: 52e9209491dee6a0c63edaa770b8601092248283 (patch)
tree: f28558600abff4567a1e0988571b813182a69a07 /lib/ansible/constants.py
parent: 0cabef19ad14d1c4b63da2acd17c2e5ff1d2e7f5 (diff)
download: ansible-52e9209491dee6a0c63edaa770b8601092248283.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/ansible/constants.py b/lib/ansible/constants.py
index ea4f909cf5..1a9cbbce73 100644
--- a/lib/ansible/constants.py
+++ b/lib/ansible/constants.py
@@ -165,6 +165,7 @@ DEFAULT_VAR_COMPRESSION_LEVEL = get_config(p, DEFAULTS, 'var_compression_level',
 # disclosure
 DEFAULT_NO_LOG           = get_config(p, DEFAULTS, 'no_log', 'ANSIBLE_NO_LOG', False, boolean=True)
 DEFAULT_NO_TARGET_SYSLOG   = get_config(p, DEFAULTS, 'no_target_syslog', 'ANSIBLE_NO_TARGET_SYSLOG', False, boolean=True)
+ALLOW_WORLD_READABLE_TMPFILES = get_config(p, DEFAULTS, 'allow_world_readable_tmpfiles', None, False, boolean=True)
 
 # selinux
 DEFAULT_SELINUX_SPECIAL_FS = get_config(p, 'selinux', 'special_context_filesystems', None, 'fuse, nfs, vboxsf, ramfs', islist=True)
author	Toshio Kuratomi <toshio@fedoraproject.org>	2016-03-21 14:17:53 -0700
committer	Toshio Kuratomi <toshio@fedoraproject.org>	2016-03-23 09:52:19 -0700
commit	52e9209491dee6a0c63edaa770b8601092248283 (patch)
tree	f28558600abff4567a1e0988571b813182a69a07 /lib/ansible/constants.py
parent	0cabef19ad14d1c4b63da2acd17c2e5ff1d2e7f5 (diff)
download	ansible-52e9209491dee6a0c63edaa770b8601092248283.tar.gz